From f7746238762160d0a83629944027eea5957dcea5 Mon Sep 17 00:00:00 2001
From: 0neStep <146049978+AperturePlus@users.noreply.github.com>
Date: Sat, 21 Mar 2026 15:25:28 +0800
Subject: [PATCH 1/8] deleted old sql schema files

---
 docs/schema-mariadb.sql  |  358 ---------
 docs/schema-postgres.sql | 1624 --------------------------------------
 2 files changed, 1982 deletions(-)
 delete mode 100644 docs/schema-mariadb.sql
 delete mode 100644 docs/schema-postgres.sql

diff --git a/docs/schema-mariadb.sql b/docs/schema-mariadb.sql
deleted file mode 100644
index 8e0556a..0000000
--- a/docs/schema-mariadb.sql
+++ /dev/null
@@ -1,358 +0,0 @@
--- mysql or mariadb
-CREATE DATABASE IF NOT EXISTS kepan
-    CHARACTER SET utf8mb4
-    COLLATE utf8mb4_unicode_ci;
-
-USE kepan;
-
--- 用户表
-CREATE TABLE IF NOT EXISTS `user` (  
-  user_id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT COMMENT '用户ID',  
-  username VARCHAR(100) NOT NULL COMMENT '用户名',  
-  email VARCHAR(255) NOT NULL COMMENT '邮箱',  
-  password_hash VARCHAR(255) NOT NULL COMMENT 'hash密码',  
-  storage_limit BIGINT NOT NULL DEFAULT 10737418240 COMMENT '存储空间上限(10GB)',  
-  storage_used BIGINT NOT NULL DEFAULT 0 COMMENT '已用存储空间(由应用层维护)',  
-  created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',  
-  updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '最后更新时间',  
-  PRIMARY KEY (user_id),  
-  UNIQUE KEY uk_username (username),  
-  UNIQUE KEY uk_email (email)  
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='用户信息表';
-
-ALTER TABLE `user` ADD COLUMN `role` VARCHAR(50) NOT NULL DEFAULT 'USER' COMMENT '用户角色 (e.g., USER, ADMIN)' AFTER `password_hash`;
--- 用户组与成员表 
-CREATE TABLE IF NOT EXISTS user_group (
-    id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT,
-    name VARCHAR(100) NOT NULL UNIQUE,
-    description VARCHAR(255)
-);
-
--- 用户组与成员表
-CREATE TABLE IF NOT EXISTS user_group_member (
-    id INT PRIMARY KEY AUTO_INCREMENT,
-    user_id BIGINT UNSIGNED NOT NULL,
-    group_id BIGINT UNSIGNED NOT NULL,
-    role VARCHAR(50) NOT NULL DEFAULT 'member',
-    FOREIGN KEY (user_id) REFERENCES user(user_id) ON DELETE CASCADE,
-    FOREIGN KEY (group_id) REFERENCES user_group(id) ON DELETE CASCADE,
-    UNIQUE KEY (user_id, group_id)
-);
-
-
-CREATE TABLE IF NOT EXISTS `storage_object` (
-  object_id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT COMMENT '物理对象ID',
-  object_hash CHAR(64) NOT NULL COMMENT '内容哈希 SHA256，用于去重/秒传',
-  bucket_name VARCHAR(100) NOT NULL COMMENT 'MinIO bucket 名称',
-  object_key VARCHAR(1024) NOT NULL COMMENT 'MinIO 对象键',
-  object_size BIGINT UNSIGNED NOT NULL COMMENT '对象大小(Bytes)',
-  etag VARCHAR(128) DEFAULT NULL COMMENT 'MinIO / S3 ETag',
-  version_id VARCHAR(255) DEFAULT NULL COMMENT '对象版本ID，开启版本控制时使用',
-  content_type VARCHAR(255) DEFAULT NULL COMMENT '对象Content-Type',
-  storage_class VARCHAR(50) DEFAULT NULL COMMENT '存储类型，可预留',
-  upload_status ENUM('uploading', 'active', 'deleted', 'failed') NOT NULL DEFAULT 'active' COMMENT '上传状态',
-  ref_count INT UNSIGNED NOT NULL DEFAULT 1 COMMENT '被多少逻辑文件引用',
-  created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '首次写入时间',
-  updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间',
-  deleted_at TIMESTAMP NULL DEFAULT NULL COMMENT '逻辑删除时间',
-  PRIMARY KEY (object_id),
-  UNIQUE KEY uk_object_hash (object_hash),
-  UNIQUE KEY uk_bucket_object_key (bucket_name, object_key),
-  KEY idx_upload_status (upload_status)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='MinIO物理对象表';
-
-    
--- 文件夹表：增加软删除  
-CREATE TABLE IF NOT EXISTS `folder` (  
-  folder_id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT COMMENT '文件夹ID',  
-  owner_id BIGINT UNSIGNED NOT NULL COMMENT '所有者ID',  
-  parent_folder_id BIGINT UNSIGNED NULL COMMENT '父文件夹ID (NULL表示根目录)',  
-  folder_name VARCHAR(255) NOT NULL COMMENT '文件夹名称',  
-  `size` BIGINT NOT NULL DEFAULT 0 COMMENT '文件夹总大小(由应用层或触发器维护)',  
-  `status` ENUM('active', 'deleted') NOT NULL DEFAULT 'active' COMMENT '状态',  
-  created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',  
-  updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改时间',  
-  deleted_at TIMESTAMP NULL COMMENT '删除时间',  
-  PRIMARY KEY (folder_id),  
-  FOREIGN KEY (owner_id) REFERENCES user(user_id) ON DELETE CASCADE,  
-  FOREIGN KEY (parent_folder_id) REFERENCES folder(folder_id) ON DELETE CASCADE,  
-  UNIQUE KEY uk_folder_name_in_parent (parent_folder_id, folder_name, owner_id, status)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='文件夹信息表';  
-
--- 文件表
-CREATE TABLE IF NOT EXISTS `file` (
-  file_id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT COMMENT '文件逻辑ID',
-  uploader_id BIGINT UNSIGNED NOT NULL COMMENT '上传者ID',
-  owner_id BIGINT UNSIGNED NOT NULL COMMENT '文件所属者ID',
-  folder_id BIGINT UNSIGNED NOT NULL COMMENT '所属文件夹ID',
-  file_name VARCHAR(255) NOT NULL COMMENT '显示文件名',
-  file_ext VARCHAR(50) DEFAULT NULL COMMENT '文件扩展名',
-  mime_type VARCHAR(255) DEFAULT NULL COMMENT 'MIME类型',
-  storage_object_id BIGINT UNSIGNED NOT NULL COMMENT '关联物理对象ID',
-  file_size BIGINT UNSIGNED NOT NULL COMMENT '逻辑文件大小',
-  is_latest BOOLEAN NOT NULL DEFAULT TRUE COMMENT '是否当前最新版本',
-  status ENUM('active', 'deleted') NOT NULL DEFAULT 'active' COMMENT '逻辑状态',
-  created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
-  updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT '修改时间',
-  deleted_at TIMESTAMP NULL DEFAULT NULL COMMENT '删除时间',
-  PRIMARY KEY (file_id),
-  FOREIGN KEY (uploader_id) REFERENCES `user`(user_id) ON DELETE CASCADE,
-  FOREIGN KEY (owner_id) REFERENCES `user`(user_id) ON DELETE CASCADE,
-  FOREIGN KEY (folder_id) REFERENCES folder(folder_id) ON DELETE CASCADE,
-  FOREIGN KEY (storage_object_id) REFERENCES storage_object(object_id),
-  UNIQUE KEY uk_file_name_in_folder (folder_id, file_name, owner_id, status),
-  KEY idx_storage_object_id (storage_object_id),
-  KEY idx_owner_folder (owner_id, folder_id, status)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='文件逻辑信息表';
-
--- ACL表：访问控制列表
-CREATE TABLE IF NOT EXISTS acl (
-    id INT PRIMARY KEY AUTO_INCREMENT,
-    file_id BIGINT UNSIGNED DEFAULT NULL,
-    folder_id BIGINT UNSIGNED DEFAULT NULL,
-    user_id BIGINT UNSIGNED DEFAULT NULL,
-    group_id BIGINT UNSIGNED DEFAULT NULL,
-    permission VARCHAR(100) NOT NULL,
-    FOREIGN KEY (file_id) REFERENCES file(file_id) ON DELETE CASCADE,
-    FOREIGN KEY (folder_id) REFERENCES folder(folder_id) ON DELETE CASCADE,
-    FOREIGN KEY (user_id) REFERENCES user(user_id) ON DELETE CASCADE,
-    FOREIGN KEY (group_id) REFERENCES user_group(id) ON DELETE CASCADE,
-    CHECK ((user_id IS NOT NULL OR group_id IS NOT NULL) AND (file_id IS NOT NULL OR folder_id IS NOT NULL))
-);
-
--- 分享表
-CREATE TABLE IF NOT EXISTS share (
-    share_id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,
-    user_id BIGINT UNSIGNED NOT NULL,
-    resource_type VARCHAR(50) NOT NULL COMMENT '分享的资源类型 (file, folder)',
-    file_id BIGINT UNSIGNED DEFAULT NULL, 
-    folder_id BIGINT UNSIGNED DEFAULT NULL, 
-    share_link VARCHAR(255) UNIQUE NOT NULL,
-    share_type VARCHAR(50) NOT NULL DEFAULT 'public' COMMENT '分享类型 (public, private, password)',
-    password_hash VARCHAR(255) DEFAULT NULL, 
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    expire_time TIMESTAMP NULL DEFAULT NULL,
-    visit_count INT UNSIGNED NOT NULL DEFAULT 0,
-    download_count INT UNSIGNED NOT NULL DEFAULT 0,
-    PRIMARY KEY (share_id),
-    FOREIGN KEY (user_id) REFERENCES `user`(user_id) ON DELETE CASCADE,
-    FOREIGN KEY (file_id) REFERENCES `file`(file_id) ON DELETE CASCADE,
-    FOREIGN KEY (folder_id) REFERENCES folder(folder_id) ON DELETE CASCADE,
-    CHECK ((file_id IS NOT NULL AND folder_id IS NULL) OR (file_id IS NULL AND folder_id IS NOT NULL))
-);
-
--- 日志表
-CREATE TABLE IF NOT EXISTS `log` (
-    id INT PRIMARY KEY AUTO_INCREMENT,
-    user_id BIGINT UNSIGNED NOT NULL, 
-    operation VARCHAR(255) NOT NULL,
-    details TEXT, -- 记录更详细的信息，如移动的源和目标路径
-    ip_address VARCHAR(45),
-    performed_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-    FOREIGN KEY (user_id) REFERENCES `user`(user_id) ON DELETE CASCADE 
-);
-
--- 通知表
-CREATE TABLE IF NOT EXISTS `notification` (
-    id INT PRIMARY KEY AUTO_INCREMENT,
-    user_id BIGINT UNSIGNED NOT NULL, 
-    message VARCHAR(255) NOT NULL,
-    is_read BOOLEAN DEFAULT FALSE,
-    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-    FOREIGN KEY (user_id) REFERENCES `user`(user_id) ON DELETE CASCADE 
-);
-
-
--- ----------------------------  
--- View structure for v_file_folder_details  
--- ----------------------------  
-CREATE OR REPLACE VIEW `v_file_folder_details` AS
-SELECT
-  'file' AS item_type,
-  f.file_id AS id,
-  f.file_name AS name,
-  so.object_size AS size,
-  f.mime_type,
-  f.folder_id AS parent_id,
-  f.owner_id AS owner_id,
-  u.username AS owner_name,
-  f.created_at,
-  f.updated_at
-FROM file f
-JOIN user u ON f.owner_id = u.user_id
-JOIN storage_object so ON f.storage_object_id = so.object_id
-WHERE f.status = 'active' AND so.upload_status = 'active'
-UNION ALL
-SELECT
-  'folder' AS item_type,
-  fo.folder_id AS id,
-  fo.folder_name AS name,
-  fo.size,
-  'inode/directory' AS mime_type,
-  fo.parent_folder_id AS parent_id,
-  fo.owner_id AS owner_id,
-  u.username AS owner_name,
-  fo.created_at,
-  fo.updated_at
-FROM folder fo
-JOIN user u ON fo.owner_id = u.user_id
-WHERE fo.status = 'active';
-
--- ----------------------------  
--- View structure for v_user_permissions  
--- ----------------------------  
-CREATE OR REPLACE VIEW v_user_permissions AS  
-SELECT  
-    acl.id AS acl_id,  
-    u.user_id AS user_id,   
-    u.username AS user_name,   
-    COALESCE(f.file_id, fl.folder_id) AS item_id,   
-    COALESCE(f.file_name, fl.folder_name) AS item_name,   
-    CASE   
-        WHEN f.file_id IS NOT NULL THEN 'file'   
-        ELSE 'folder'   
-    END AS item_type,  
-    acl.permission  
-FROM  
-    acl  
-JOIN  
-    `user` u ON acl.user_id = u.user_id   
-LEFT JOIN  
-    `file` f ON acl.file_id = f.file_id   
-LEFT JOIN  
-    folder fl ON acl.folder_id = fl.folder_id   
-WHERE   
-    acl.user_id IS NOT NULL;  
-
--- ----------------------------  
--- View structure for v_user_storage_summary  
--- ----------------------------  
-CREATE OR REPLACE VIEW `v_user_storage_summary` AS  
-SELECT  
-  `user_id`,  
-  `username`,  
-  `storage_limit`,  
-  `storage_used`  
-FROM `user`;  
-
--- ----------------------------  
--- View structure for v_shared_with_me (FIXED)  
--- ----------------------------  
-CREATE OR REPLACE VIEW v_shared_with_me AS  
--- 通过用户组共享给我的  
-SELECT  
-    vffd.item_type,  
-    vffd.id AS item_id,  
-    vffd.name AS item_name,  
-    vffd.owner_name AS shared_by,  
-    acl.permission,  
-    ugm.user_id AS shared_to_user_id  
-FROM acl  
-JOIN user_group_member ugm ON acl.group_id = ugm.group_id  
--- 修复后的 JOIN 条件: 确保 ACL 和视图中的项目类型和ID都匹配  
-JOIN v_file_folder_details vffd   
-    ON (acl.file_id IS NOT NULL AND vffd.item_type = 'file' AND acl.file_id = vffd.id)  
-    OR (acl.folder_id IS NOT NULL AND vffd.item_type = 'folder' AND acl.folder_id = vffd.id)  
-WHERE acl.group_id IS NOT NULL  
-UNION  
--- 直接共享给我的  
-SELECT  
-    vffd.item_type,  
-    vffd.id AS item_id,  
-    vffd.name AS item_name,  
-    vffd.owner_name AS shared_by,  
-    acl.permission,  
-    acl.user_id AS shared_to_user_id  
-FROM acl  
--- 修复后的 JOIN 条件: 确保 ACL 和视图中的项目类型和ID都匹配  
-JOIN v_file_folder_details vffd   
-    ON (acl.file_id IS NOT NULL AND vffd.item_type = 'file' AND acl.file_id = vffd.id)  
-    OR (acl.folder_id IS NOT NULL AND vffd.item_type = 'folder' AND acl.folder_id = vffd.id)  
-WHERE acl.user_id IS NOT NULL;  
-
-
--- ----------------------------  
--- View structure for v_full_path (Requires MySQL 8.0+ or MariaDB 10.2.2+)  
--- ----------------------------  
-CREATE OR REPLACE VIEW v_full_path AS  
-WITH RECURSIVE folder_path (id, name, path) AS (  
-  -- 根目录  
-  SELECT   
-    folder_id,   
-    folder_name,   
-    CAST(folder_name AS CHAR(2048))  
-  FROM folder  
-  WHERE parent_folder_id IS NULL  
-  UNION ALL  
-  -- 递归查找子目录  
-  SELECT   
-    f.folder_id,   
-    f.folder_name,   
-    CONCAT(fp.path, '/', f.folder_name)  
-  FROM folder AS f JOIN folder_path AS fp ON f.parent_folder_id = fp.id  
-)  
-SELECT id, path FROM folder_path;  
-
--- ----------------------------  
--- View structure for v_user_recycle_bin  
--- ----------------------------  
-CREATE OR REPLACE VIEW v_user_recycle_bin AS  
-SELECT   
-    'file' AS item_type,  
-    f.file_id AS id,  
-    f.file_name AS name,  
-    so.size,  
-    f.folder_id AS parent_id,  
-    f.uploader_id AS owner_id,  
-    u.username AS owner_name,  
-    f.deleted_at  
-FROM file f  
-JOIN user u ON f.uploader_id = u.user_id  
-JOIN storage_object so ON f.object_hash = so.hash  
-WHERE f.status = 'deleted' AND f.deleted_at IS NOT NULL  
-UNION ALL  
-SELECT   
-    'folder' AS item_type,  
-    fo.folder_id AS id,  
-    fo.folder_name AS name,  
-    fo.size,  
-    fo.parent_folder_id AS parent_id,  
-    fo.owner_id AS owner_id,  
-    u.username AS owner_name,  
-    fo.deleted_at  
-FROM folder fo  
-JOIN user u ON fo.owner_id = u.user_id  
-WHERE fo.status = 'deleted' AND fo.deleted_at IS NOT NULL;  
-
-CREATE TABLE IF NOT EXISTS `upload_task` (
-  task_id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT COMMENT '上传任务ID',
-  user_id BIGINT UNSIGNED NOT NULL COMMENT '发起者',
-  bucket_name VARCHAR(100) NOT NULL COMMENT '目标bucket',
-  object_key VARCHAR(1024) NOT NULL COMMENT '目标对象键',
-  object_hash CHAR(64) DEFAULT NULL COMMENT '预计算哈希，可为空',
-  total_size BIGINT UNSIGNED NOT NULL COMMENT '总大小',
-  upload_id VARCHAR(255) DEFAULT NULL COMMENT 'MinIO multipart upload id',
-  upload_mode ENUM('single', 'multipart') NOT NULL DEFAULT 'single',
-  status ENUM('init', 'uploading', 'completed', 'aborted', 'failed') NOT NULL DEFAULT 'init',
-  expired_at TIMESTAMP NULL DEFAULT NULL COMMENT '任务过期时间',
-  created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-  updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
-  PRIMARY KEY (task_id),
-  FOREIGN KEY (user_id) REFERENCES `user`(user_id) ON DELETE CASCADE,
-  KEY idx_user_status (user_id, status),
-  UNIQUE KEY uk_upload_target (bucket_name, object_key, upload_id)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='上传任务表';
-
-CREATE TABLE IF NOT EXISTS `upload_task_part` (
-  id BIGINT UNSIGNED NOT NULL AUTO_INCREMENT,
-  task_id BIGINT UNSIGNED NOT NULL,
-  part_number INT NOT NULL COMMENT '分片序号',
-  etag VARCHAR(128) DEFAULT NULL COMMENT '该分片上传后的ETag',
-  part_size BIGINT UNSIGNED NOT NULL COMMENT '分片大小',
-  status ENUM('pending', 'uploaded') NOT NULL DEFAULT 'pending',
-  created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-  updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
-  PRIMARY KEY (id),
-  FOREIGN KEY (task_id) REFERENCES upload_task(task_id) ON DELETE CASCADE,
-  UNIQUE KEY uk_task_part (task_id, part_number)
-) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci COMMENT='上传分片表';
\ No newline at end of file
diff --git a/docs/schema-postgres.sql b/docs/schema-postgres.sql
deleted file mode 100644
index 76fab83..0000000
--- a/docs/schema-postgres.sql
+++ /dev/null
@@ -1,1624 +0,0 @@
-
-
--- =========================
--- Enum types
--- =========================
-DO $$
-BEGIN
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'upload_status_enum') THEN
-        CREATE TYPE upload_status_enum AS ENUM ('uploading', 'active', 'deleted', 'failed');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'folder_status_enum') THEN
-        CREATE TYPE folder_status_enum AS ENUM ('active', 'deleted');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'file_status_enum') THEN
-        CREATE TYPE file_status_enum AS ENUM ('active', 'deleted');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'upload_mode_enum') THEN
-        CREATE TYPE upload_mode_enum AS ENUM ('single', 'multipart');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'upload_task_status_enum') THEN
-        CREATE TYPE upload_task_status_enum AS ENUM ('init', 'uploading', 'completed', 'aborted', 'failed');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'upload_part_status_enum') THEN
-        CREATE TYPE upload_part_status_enum AS ENUM ('pending', 'uploaded', 'failed');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'user_status_enum') THEN
-        CREATE TYPE user_status_enum AS ENUM ('pending_verification', 'active', 'locked', 'disabled');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'folder_type_enum') THEN
-        CREATE TYPE folder_type_enum AS ENUM ('normal', 'root', 'system');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'share_status_enum') THEN
-        CREATE TYPE share_status_enum AS ENUM ('active', 'expired', 'revoked', 'deleted');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'share_member_status_enum') THEN
-        CREATE TYPE share_member_status_enum AS ENUM ('pending', 'accepted', 'rejected', 'revoked');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'favorite_item_type_enum') THEN
-        CREATE TYPE favorite_item_type_enum AS ENUM ('file', 'folder');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'view_mode_enum') THEN
-        CREATE TYPE view_mode_enum AS ENUM ('list', 'grid');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'sort_by_enum') THEN
-        CREATE TYPE sort_by_enum AS ENUM ('name', 'size', 'created_at', 'updated_at', 'last_accessed_at');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'sort_direction_enum') THEN
-        CREATE TYPE sort_direction_enum AS ENUM ('asc', 'desc');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'preview_status_enum') THEN
-        CREATE TYPE preview_status_enum AS ENUM ('pending', 'ready', 'failed');
-    END IF;
-
-    IF NOT EXISTS (SELECT 1 FROM pg_type WHERE typname = 'scan_result_enum') THEN
-        CREATE TYPE scan_result_enum AS ENUM ('pending', 'clean', 'infected', 'blocked', 'failed');
-    END IF;
-END
-$$;
-
-CREATE EXTENSION IF NOT EXISTS pg_trgm;
-
--- =========================
--- updated_at trigger
--- =========================
-CREATE OR REPLACE FUNCTION set_updated_at()
-RETURNS TRIGGER AS $$
-BEGIN
-    NEW.updated_at = CURRENT_TIMESTAMP;
-    RETURN NEW;
-END;
-$$ LANGUAGE plpgsql;
-
--- =========================
--- 用户表
--- =========================
-CREATE TABLE IF NOT EXISTS "user" (
-    user_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    username VARCHAR(100) NOT NULL,
-    email VARCHAR(255) NOT NULL,
-    password_hash VARCHAR(255) NOT NULL,
-    role VARCHAR(50) NOT NULL DEFAULT 'USER',
-    status user_status_enum NOT NULL DEFAULT 'active',
-    email_verified BOOLEAN NOT NULL DEFAULT FALSE,
-    email_verified_at TIMESTAMP NULL,
-    storage_limit BIGINT NOT NULL DEFAULT 10737418240,
-    storage_used BIGINT NOT NULL DEFAULT 0,
-    last_login_at TIMESTAMP NULL,
-    failed_login_count INTEGER NOT NULL DEFAULT 0,
-    locked_until TIMESTAMP NULL,
-    password_changed_at TIMESTAMP NULL,
-    deleted_at TIMESTAMP NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP
-);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_user_username_ci ON "user" ((LOWER(username)));
-CREATE UNIQUE INDEX IF NOT EXISTS uk_user_email_ci ON "user" ((LOWER(email)));
-CREATE INDEX IF NOT EXISTS idx_user_status ON "user" (status);
-CREATE INDEX IF NOT EXISTS idx_user_locked_until ON "user" (locked_until);
-
-CREATE TRIGGER trg_user_updated_at
-BEFORE UPDATE ON "user"
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- =========================
--- 用户组
--- =========================
-CREATE TABLE IF NOT EXISTS user_group (
-    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    name VARCHAR(100) NOT NULL UNIQUE,
-    description VARCHAR(255)
-);
-
-CREATE TABLE IF NOT EXISTS user_group_member (
-    id INTEGER GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NOT NULL,
-    group_id BIGINT NOT NULL,
-    role VARCHAR(50) NOT NULL DEFAULT 'member',
-    CONSTRAINT fk_ugm_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_ugm_group FOREIGN KEY (group_id) REFERENCES user_group(id) ON DELETE CASCADE,
-    CONSTRAINT uk_user_group UNIQUE (user_id, group_id)
-);
-
--- =========================
--- 存储对象表
--- =========================
-CREATE TABLE IF NOT EXISTS storage_object (
-    object_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    object_hash CHAR(64),
-    hash_algorithm VARCHAR(32) NOT NULL DEFAULT 'sha256',
-    bucket_name VARCHAR(100) NOT NULL,
-    object_key VARCHAR(1024) NOT NULL,
-    object_size BIGINT NOT NULL,
-    etag VARCHAR(128),
-    version_id VARCHAR(255),
-    content_type VARCHAR(255),
-    storage_class VARCHAR(50),
-    upload_status upload_status_enum NOT NULL DEFAULT 'active',
-    scan_status scan_result_enum NOT NULL DEFAULT 'pending',
-    moderation_status VARCHAR(32) NOT NULL DEFAULT 'pending',
-    quarantined_at TIMESTAMP NULL,
-    last_scanned_at TIMESTAMP NULL,
-    metadata JSONB NOT NULL DEFAULT '{}'::jsonb,
-    ref_count INTEGER NOT NULL DEFAULT 1,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    deleted_at TIMESTAMP NULL,
-    CONSTRAINT uk_bucket_object_key UNIQUE (bucket_name, object_key)
-);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_storage_object_hash_algo_size
-    ON storage_object (hash_algorithm, object_hash, object_size)
-    WHERE object_hash IS NOT NULL;
-
-CREATE INDEX IF NOT EXISTS idx_storage_object_scan_status ON storage_object (scan_status);
-CREATE INDEX IF NOT EXISTS idx_storage_object_moderation_status ON storage_object (moderation_status);
-
-CREATE INDEX IF NOT EXISTS idx_storage_object_upload_status
-ON storage_object(upload_status);
-
-CREATE TRIGGER trg_storage_object_updated_at
-BEFORE UPDATE ON storage_object
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- =========================
--- 文件夹表
--- =========================
-CREATE TABLE IF NOT EXISTS folder (
-    folder_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    owner_id BIGINT NOT NULL,
-    parent_folder_id BIGINT NULL,
-    folder_name VARCHAR(255) NOT NULL,
-    cached_size BIGINT NOT NULL DEFAULT 0,
-    status folder_status_enum NOT NULL DEFAULT 'active',
-    folder_type folder_type_enum NOT NULL DEFAULT 'normal',
-    deleted_by BIGINT NULL,
-    restored_at TIMESTAMP NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    deleted_at TIMESTAMP NULL,
-    CONSTRAINT fk_folder_owner FOREIGN KEY (owner_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_folder_parent FOREIGN KEY (parent_folder_id) REFERENCES folder(folder_id) ON DELETE CASCADE,
-    CONSTRAINT fk_folder_deleted_by FOREIGN KEY (deleted_by) REFERENCES "user"(user_id) ON DELETE SET NULL
-);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_folder_root_name_active
-    ON folder (owner_id, folder_name)
-    WHERE parent_folder_id IS NULL AND status = 'active';
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_folder_child_name_active
-    ON folder (owner_id, parent_folder_id, folder_name)
-    WHERE parent_folder_id IS NOT NULL AND status = 'active';
-
-CREATE INDEX IF NOT EXISTS idx_folder_owner_parent_status ON folder (owner_id, parent_folder_id, status);
-CREATE INDEX IF NOT EXISTS idx_folder_name_trgm ON folder USING gin ((LOWER(folder_name)) gin_trgm_ops);
-
-CREATE TRIGGER trg_folder_updated_at
-BEFORE UPDATE ON folder
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- =========================
--- 文件表
--- =========================
-CREATE TABLE IF NOT EXISTS "file" (
-    file_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    uploader_id BIGINT NOT NULL,
-    owner_id BIGINT NOT NULL,
-    folder_id BIGINT NOT NULL,
-    file_name VARCHAR(255) NOT NULL,
-    file_ext VARCHAR(50),
-    mime_type VARCHAR(255),
-    storage_object_id BIGINT NOT NULL,
-    file_size BIGINT NOT NULL,
-    is_latest BOOLEAN NOT NULL DEFAULT TRUE,
-    status file_status_enum NOT NULL DEFAULT 'active',
-    deleted_by BIGINT NULL,
-    restored_at TIMESTAMP NULL,
-    last_accessed_at TIMESTAMP NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    deleted_at TIMESTAMP NULL,
-    CONSTRAINT fk_file_uploader FOREIGN KEY (uploader_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_file_owner FOREIGN KEY (owner_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_file_folder FOREIGN KEY (folder_id) REFERENCES folder(folder_id) ON DELETE CASCADE,
-    CONSTRAINT fk_file_storage_object FOREIGN KEY (storage_object_id) REFERENCES storage_object(object_id),
-    CONSTRAINT fk_file_deleted_by FOREIGN KEY (deleted_by) REFERENCES "user"(user_id) ON DELETE SET NULL
-);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_file_name_active_in_folder
-    ON "file" (owner_id, folder_id, file_name)
-    WHERE status = 'active';
-
-CREATE INDEX IF NOT EXISTS idx_file_last_accessed_at ON "file" (last_accessed_at);
-CREATE INDEX IF NOT EXISTS idx_file_name_trgm ON "file" USING gin ((LOWER(file_name)) gin_trgm_ops);
-
-CREATE INDEX IF NOT EXISTS idx_file_storage_object_id
-ON "file"(storage_object_id);
-
-CREATE INDEX IF NOT EXISTS idx_file_owner_folder
-ON "file"(owner_id, folder_id, status);
-
-CREATE TRIGGER trg_file_updated_at
-BEFORE UPDATE ON "file"
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- =========================
--- ACL
--- =========================
-CREATE TABLE IF NOT EXISTS acl (
-    id INTEGER GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    file_id BIGINT NULL,
-    folder_id BIGINT NULL,
-    user_id BIGINT NULL,
-    group_id BIGINT NULL,
-    permission VARCHAR(100) NOT NULL,
-    permission_role VARCHAR(50) NOT NULL DEFAULT 'viewer',
-    can_preview BOOLEAN NOT NULL DEFAULT TRUE,
-    can_download BOOLEAN NOT NULL DEFAULT TRUE,
-    can_save BOOLEAN NOT NULL DEFAULT FALSE,
-    can_share BOOLEAN NOT NULL DEFAULT FALSE,
-    expire_at TIMESTAMP NULL,
-    granted_by BIGINT NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_acl_file FOREIGN KEY (file_id) REFERENCES "file"(file_id) ON DELETE CASCADE,
-    CONSTRAINT fk_acl_folder FOREIGN KEY (folder_id) REFERENCES folder(folder_id) ON DELETE CASCADE,
-    CONSTRAINT fk_acl_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_acl_group FOREIGN KEY (group_id) REFERENCES user_group(id) ON DELETE CASCADE,
-    CONSTRAINT fk_acl_granted_by FOREIGN KEY (granted_by) REFERENCES "user"(user_id) ON DELETE SET NULL,
-    CONSTRAINT chk_acl_subject_exactly_one CHECK (num_nonnulls(user_id, group_id) = 1),
-    CONSTRAINT chk_acl_resource_exactly_one CHECK (num_nonnulls(file_id, folder_id) = 1)
-);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_acl_file_user
-    ON acl (file_id, user_id)
-    WHERE file_id IS NOT NULL AND user_id IS NOT NULL;
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_acl_file_group
-    ON acl (file_id, group_id)
-    WHERE file_id IS NOT NULL AND group_id IS NOT NULL;
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_acl_folder_user
-    ON acl (folder_id, user_id)
-    WHERE folder_id IS NOT NULL AND user_id IS NOT NULL;
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_acl_folder_group
-    ON acl (folder_id, group_id)
-    WHERE folder_id IS NOT NULL AND group_id IS NOT NULL;
-
-CREATE TRIGGER trg_acl_updated_at
-BEFORE UPDATE ON acl
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- =========================
--- 分享表
--- =========================
-CREATE TABLE IF NOT EXISTS share (
-    share_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NOT NULL,
-    resource_type VARCHAR(50) NOT NULL,
-    file_id BIGINT NULL,
-    folder_id BIGINT NULL,
-    share_link VARCHAR(255) NOT NULL UNIQUE,
-    share_code VARCHAR(64) NOT NULL,
-    status share_status_enum NOT NULL DEFAULT 'active',
-    share_type VARCHAR(50) NOT NULL DEFAULT 'public',
-    permission_role VARCHAR(50) NOT NULL DEFAULT 'viewer',
-    allow_preview BOOLEAN NOT NULL DEFAULT TRUE,
-    allow_download BOOLEAN NOT NULL DEFAULT TRUE,
-    allow_save BOOLEAN NOT NULL DEFAULT FALSE,
-    allow_reshare BOOLEAN NOT NULL DEFAULT FALSE,
-    require_login BOOLEAN NOT NULL DEFAULT FALSE,
-    max_visits INTEGER NULL,
-    max_downloads INTEGER NULL,
-    password_hash VARCHAR(255),
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    last_accessed_at TIMESTAMP NULL,
-    expire_time TIMESTAMP NULL,
-    visit_count INTEGER NOT NULL DEFAULT 0,
-    download_count INTEGER NOT NULL DEFAULT 0,
-    CONSTRAINT fk_share_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_share_file FOREIGN KEY (file_id) REFERENCES "file"(file_id) ON DELETE CASCADE,
-    CONSTRAINT fk_share_folder FOREIGN KEY (folder_id) REFERENCES folder(folder_id) ON DELETE CASCADE,
-    CONSTRAINT chk_share_target CHECK (num_nonnulls(file_id, folder_id) = 1),
-    CONSTRAINT chk_share_limits CHECK (
-        (max_visits IS NULL OR max_visits >= 0)
-        AND
-        (max_downloads IS NULL OR max_downloads >= 0)
-    )
-);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_share_code ON share (share_code);
-CREATE INDEX IF NOT EXISTS idx_share_user_status ON share (user_id, status);
-CREATE INDEX IF NOT EXISTS idx_share_expire_time ON share (expire_time);
-
-CREATE TRIGGER trg_share_updated_at
-BEFORE UPDATE ON share
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- =========================
--- 日志表
--- =========================
-CREATE TABLE IF NOT EXISTS "log" (
-    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NULL,
-    actor_type VARCHAR(50) NOT NULL DEFAULT 'user',
-    operation VARCHAR(255) NOT NULL,
-    target_type VARCHAR(50) NULL,
-    target_id BIGINT NULL,
-    result VARCHAR(20) NOT NULL DEFAULT 'success',
-    request_id VARCHAR(128) NULL,
-    user_agent VARCHAR(255) NULL,
-    metadata JSONB NOT NULL DEFAULT '{}'::jsonb,
-    details TEXT,
-    ip_address VARCHAR(45),
-    performed_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_log_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE SET NULL
-);
-
-CREATE INDEX IF NOT EXISTS idx_log_performed_at ON "log" (performed_at);
-CREATE INDEX IF NOT EXISTS idx_log_user_operation ON "log" (user_id, operation);
-CREATE INDEX IF NOT EXISTS idx_log_target ON "log" (target_type, target_id);
-CREATE INDEX IF NOT EXISTS idx_log_request_id ON "log" (request_id);
-
--- =========================
--- 通知表
--- =========================
-CREATE TABLE IF NOT EXISTS notification (
-    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NOT NULL,
-    title VARCHAR(255) NULL,
-    type VARCHAR(50) NOT NULL DEFAULT 'system',
-    channel VARCHAR(50) NOT NULL DEFAULT 'in_app',
-    message TEXT NOT NULL,
-    payload JSONB NOT NULL DEFAULT '{}'::jsonb,
-    sent_at TIMESTAMP NULL,
-    is_read BOOLEAN DEFAULT FALSE,
-    read_at TIMESTAMP NULL,
-    status VARCHAR(50) NOT NULL DEFAULT 'pending',
-    sender_user_id BIGINT NULL,
-    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_notification_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_notification_sender_user FOREIGN KEY (sender_user_id) REFERENCES "user"(user_id) ON DELETE SET NULL
-);
-
-CREATE INDEX IF NOT EXISTS idx_notification_user_status ON notification (user_id, status, is_read);
-CREATE INDEX IF NOT EXISTS idx_notification_created_at ON notification (created_at);
-
-CREATE TRIGGER trg_notification_updated_at
-BEFORE UPDATE ON notification
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- =========================
--- 视图 v_file_folder_details
--- =========================
-CREATE OR REPLACE VIEW v_file_folder_details AS
-SELECT
-    'file' AS item_type,
-    f.file_id AS id,
-    f.file_name AS name,
-    so.object_size AS size,
-    f.mime_type,
-    f.folder_id AS parent_id,
-    f.owner_id AS owner_id,
-    u.username AS owner_name,
-    f.created_at,
-    f.updated_at
-FROM "file" f
-JOIN "user" u ON f.owner_id = u.user_id
-JOIN storage_object so ON f.storage_object_id = so.object_id
-WHERE f.status = 'active' AND so.upload_status = 'active'
-UNION ALL
-SELECT
-    'folder' AS item_type,
-    fo.folder_id AS id,
-    fo.folder_name AS name,
-    fo.cached_size AS size,
-    'inode/directory' AS mime_type,
-    fo.parent_folder_id AS parent_id,
-    fo.owner_id AS owner_id,
-    u.username AS owner_name,
-    fo.created_at,
-    fo.updated_at
-FROM folder fo
-JOIN "user" u ON fo.owner_id = u.user_id
-WHERE fo.status = 'active';
-
--- =========================
--- 视图 v_user_permissions
--- =========================
-CREATE OR REPLACE VIEW v_user_permissions AS
-SELECT
-    acl.id AS acl_id,
-    u.user_id AS user_id,
-    u.username AS user_name,
-    COALESCE(f.file_id, fl.folder_id) AS item_id,
-    COALESCE(f.file_name, fl.folder_name) AS item_name,
-    CASE
-        WHEN f.file_id IS NOT NULL THEN 'file'
-        ELSE 'folder'
-    END AS item_type,
-    acl.permission
-FROM acl
-JOIN "user" u ON acl.user_id = u.user_id
-LEFT JOIN "file" f ON acl.file_id = f.file_id
-LEFT JOIN folder fl ON acl.folder_id = fl.folder_id
-WHERE acl.user_id IS NOT NULL;
-
--- =========================
--- 视图 v_user_storage_summary
--- =========================
-CREATE OR REPLACE VIEW v_user_storage_summary AS
-SELECT
-    user_id,
-    username,
-    storage_limit,
-    storage_used
-FROM "user";
-
--- =========================
--- 视图 v_shared_with_me
--- =========================
-CREATE OR REPLACE VIEW v_shared_with_me AS
-SELECT
-    vffd.item_type,
-    vffd.id AS item_id,
-    vffd.name AS item_name,
-    vffd.owner_name AS shared_by,
-    acl.permission,
-    ugm.user_id AS shared_to_user_id
-FROM acl
-JOIN user_group_member ugm ON acl.group_id = ugm.group_id
-JOIN v_file_folder_details vffd
-    ON (
-        acl.file_id IS NOT NULL AND vffd.item_type = 'file' AND acl.file_id = vffd.id
-    ) OR (
-        acl.folder_id IS NOT NULL AND vffd.item_type = 'folder' AND acl.folder_id = vffd.id
-    )
-WHERE acl.group_id IS NOT NULL
-
-UNION
-
-SELECT
-    vffd.item_type,
-    vffd.id AS item_id,
-    vffd.name AS item_name,
-    vffd.owner_name AS shared_by,
-    acl.permission,
-    acl.user_id AS shared_to_user_id
-FROM acl
-JOIN v_file_folder_details vffd
-    ON (
-        acl.file_id IS NOT NULL AND vffd.item_type = 'file' AND acl.file_id = vffd.id
-    ) OR (
-        acl.folder_id IS NOT NULL AND vffd.item_type = 'folder' AND acl.folder_id = vffd.id
-    )
-WHERE acl.user_id IS NOT NULL;
-
--- =========================
--- 视图 v_full_path
--- =========================
-CREATE OR REPLACE VIEW v_full_path AS
-WITH RECURSIVE folder_path (id, name, path) AS (
-    SELECT
-        folder_id,
-        folder_name,
-        CAST(folder_name AS VARCHAR(2048))
-    FROM folder
-    WHERE parent_folder_id IS NULL
-
-    UNION ALL
-
-    SELECT
-        f.folder_id,
-        f.folder_name,
-        fp.path || '/' || f.folder_name
-    FROM folder f
-    JOIN folder_path fp ON f.parent_folder_id = fp.id
-)
-SELECT id, path
-FROM folder_path;
-
--- =========================
--- 视图 v_user_recycle_bin
--- 注意：原 SQL 这里有明显字段不一致问题，我按现有表结构修正为可执行版本
--- =========================
-CREATE OR REPLACE VIEW v_user_recycle_bin AS
-SELECT
-    'file' AS item_type,
-    f.file_id AS id,
-    f.file_name AS name,
-    so.object_size AS size,
-    f.folder_id AS parent_id,
-    f.uploader_id AS owner_id,
-    u.username AS owner_name,
-    f.deleted_at
-FROM "file" f
-JOIN "user" u ON f.uploader_id = u.user_id
-JOIN storage_object so ON f.storage_object_id = so.object_id
-WHERE f.status = 'deleted' AND f.deleted_at IS NOT NULL
-
-UNION ALL
-
-SELECT
-    'folder' AS item_type,
-    fo.folder_id AS id,
-    fo.folder_name AS name,
-    fo.cached_size AS size,
-    fo.parent_folder_id AS parent_id,
-    fo.owner_id AS owner_id,
-    u.username AS owner_name,
-    fo.deleted_at
-FROM folder fo
-JOIN "user" u ON fo.owner_id = u.user_id
-WHERE fo.status = 'deleted' AND fo.deleted_at IS NOT NULL;
-
--- =========================
--- 上传任务表
--- =========================
-CREATE TABLE IF NOT EXISTS upload_task (
-    task_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NOT NULL,
-    folder_id BIGINT NULL,
-    file_name VARCHAR(255) NULL,
-    mime_type VARCHAR(255) NULL,
-    bucket_name VARCHAR(100) NOT NULL,
-    object_key VARCHAR(1024) NOT NULL,
-    object_hash CHAR(64),
-    total_size BIGINT NOT NULL,
-    chunk_size BIGINT NULL,
-    uploaded_bytes BIGINT NOT NULL DEFAULT 0,
-    client_file_id VARCHAR(255) NULL,
-    upload_id VARCHAR(255),
-    upload_mode upload_mode_enum NOT NULL DEFAULT 'single',
-    status upload_task_status_enum NOT NULL DEFAULT 'init',
-    last_error TEXT NULL,
-    completed_at TIMESTAMP NULL,
-    expired_at TIMESTAMP NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_upload_task_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_upload_task_folder FOREIGN KEY (folder_id) REFERENCES folder(folder_id) ON DELETE SET NULL,
-    CONSTRAINT uk_upload_target UNIQUE (bucket_name, object_key, upload_id)
-);
-
-CREATE INDEX IF NOT EXISTS idx_upload_task_user_status
-ON upload_task(user_id, status);
-
-CREATE INDEX IF NOT EXISTS idx_upload_task_expired_at ON upload_task (expired_at);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_upload_task_user_client_file_id
-    ON upload_task (user_id, client_file_id)
-    WHERE client_file_id IS NOT NULL;
-
-CREATE TRIGGER trg_upload_task_updated_at
-BEFORE UPDATE ON upload_task
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- =========================
--- 上传分片表
--- =========================
-CREATE TABLE IF NOT EXISTS upload_task_part (
-    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    task_id BIGINT NOT NULL,
-    part_number INTEGER NOT NULL,
-    etag VARCHAR(128),
-    part_size BIGINT NOT NULL,
-    status upload_part_status_enum NOT NULL DEFAULT 'pending',
-    checksum CHAR(64) NULL,
-    uploaded_at TIMESTAMP NULL,
-    retry_count INTEGER NOT NULL DEFAULT 0,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_upload_task_part_task FOREIGN KEY (task_id) REFERENCES upload_task(task_id) ON DELETE CASCADE,
-    CONSTRAINT uk_task_part UNIQUE (task_id, part_number)
-);
-
-CREATE INDEX IF NOT EXISTS idx_upload_task_part_task_status ON upload_task_part (task_id, status);
-
-CREATE TRIGGER trg_upload_task_part_updated_at
-BEFORE UPDATE ON upload_task_part
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- =========================
--- 2) 新增表
--- =========================
-
--- 密码找回 token
-CREATE TABLE IF NOT EXISTS password_reset_token (
-    token_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NOT NULL,
-    token_hash CHAR(64) NOT NULL UNIQUE,
-    expire_at TIMESTAMP NOT NULL,
-    used_at TIMESTAMP NULL,
-    requester_ip VARCHAR(45) NULL,
-    user_agent VARCHAR(255) NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_password_reset_token_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE
-);
-
-CREATE INDEX IF NOT EXISTS idx_password_reset_token_user_expire
-    ON password_reset_token (user_id, expire_at);
-
--- 邮箱验证 token
-CREATE TABLE IF NOT EXISTS email_verification_token (
-    token_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NOT NULL,
-    token_hash CHAR(64) NOT NULL UNIQUE,
-    expire_at TIMESTAMP NOT NULL,
-    verified_at TIMESTAMP NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_email_verification_token_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE
-);
-
-CREATE INDEX IF NOT EXISTS idx_email_verification_token_user_expire
-    ON email_verification_token (user_id, expire_at);
-
--- 会话表 / refresh token
-CREATE TABLE IF NOT EXISTS user_session (
-    session_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NOT NULL,
-    refresh_token_hash CHAR(64) NOT NULL UNIQUE,
-    client_type VARCHAR(50) NOT NULL DEFAULT 'web',
-    device_id VARCHAR(255) NULL,
-    device_name VARCHAR(255) NULL,
-    ip_address VARCHAR(45) NULL,
-    user_agent VARCHAR(255) NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    last_seen_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    expire_at TIMESTAMP NOT NULL,
-    revoked_at TIMESTAMP NULL,
-    CONSTRAINT fk_user_session_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE
-);
-
-CREATE INDEX IF NOT EXISTS idx_user_session_user_expire
-    ON user_session (user_id, expire_at);
-
--- 分享成员：支撑“分享给别人”和“接受他人分享”
-CREATE TABLE IF NOT EXISTS share_member (
-    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    share_id BIGINT NOT NULL,
-    user_id BIGINT NULL,
-    group_id BIGINT NULL,
-    status share_member_status_enum NOT NULL DEFAULT 'pending',
-    target_folder_id BIGINT NULL,
-    accepted_at TIMESTAMP NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_share_member_share FOREIGN KEY (share_id) REFERENCES share(share_id) ON DELETE CASCADE,
-    CONSTRAINT fk_share_member_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_share_member_group FOREIGN KEY (group_id) REFERENCES user_group(id) ON DELETE CASCADE,
-    CONSTRAINT fk_share_member_target_folder FOREIGN KEY (target_folder_id) REFERENCES folder(folder_id) ON DELETE SET NULL,
-    CONSTRAINT chk_share_member_subject_exactly_one CHECK (num_nonnulls(user_id, group_id) = 1)
-);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_share_member_user
-    ON share_member (share_id, user_id)
-    WHERE user_id IS NOT NULL;
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_share_member_group
-    ON share_member (share_id, group_id)
-    WHERE group_id IS NOT NULL;
-
-CREATE INDEX IF NOT EXISTS idx_share_member_share_status ON share_member (share_id, status);
-
-DROP TRIGGER IF EXISTS trg_share_member_updated_at ON share_member;
-CREATE TRIGGER trg_share_member_updated_at
-BEFORE UPDATE ON share_member
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- 星标：文件、文件夹都可加星
-CREATE TABLE IF NOT EXISTS favorite_item (
-    favorite_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NOT NULL,
-    item_type favorite_item_type_enum NOT NULL,
-    file_id BIGINT NULL,
-    folder_id BIGINT NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_favorite_item_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_favorite_item_file FOREIGN KEY (file_id) REFERENCES "file"(file_id) ON DELETE CASCADE,
-    CONSTRAINT fk_favorite_item_folder FOREIGN KEY (folder_id) REFERENCES folder(folder_id) ON DELETE CASCADE,
-    CONSTRAINT chk_favorite_item_target_exactly_one CHECK (num_nonnulls(file_id, folder_id) = 1),
-    CONSTRAINT chk_favorite_item_type_match CHECK (
-        (item_type = 'file' AND file_id IS NOT NULL AND folder_id IS NULL)
-        OR
-        (item_type = 'folder' AND folder_id IS NOT NULL AND file_id IS NULL)
-    )
-);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_favorite_item_file
-    ON favorite_item (user_id, file_id)
-    WHERE file_id IS NOT NULL;
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_favorite_item_folder
-    ON favorite_item (user_id, folder_id)
-    WHERE folder_id IS NOT NULL;
-
--- 目录视图偏好：全局默认 + 每个目录覆盖
-CREATE TABLE IF NOT EXISTS user_folder_preference (
-    preference_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NOT NULL,
-    folder_id BIGINT NULL,
-    view_mode view_mode_enum NOT NULL DEFAULT 'list',
-    sort_by sort_by_enum NOT NULL DEFAULT 'name',
-    sort_direction sort_direction_enum NOT NULL DEFAULT 'asc',
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_user_folder_preference_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_user_folder_preference_folder FOREIGN KEY (folder_id) REFERENCES folder(folder_id) ON DELETE CASCADE
-);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_user_folder_preference_default
-    ON user_folder_preference (user_id)
-    WHERE folder_id IS NULL;
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_user_folder_preference_folder
-    ON user_folder_preference (user_id, folder_id)
-    WHERE folder_id IS NOT NULL;
-
-DROP TRIGGER IF EXISTS trg_user_folder_preference_updated_at ON user_folder_preference;
-CREATE TRIGGER trg_user_folder_preference_updated_at
-BEFORE UPDATE ON user_folder_preference
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- 预览产物：图片缩略图、PDF 页图、视频预览等
-CREATE TABLE IF NOT EXISTS file_preview_asset (
-    preview_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    source_object_id BIGINT NOT NULL,
-    preview_object_id BIGINT NULL,
-    preview_type VARCHAR(50) NOT NULL,
-    page_no INTEGER NULL,
-    mime_type VARCHAR(255) NULL,
-    width INTEGER NULL,
-    height INTEGER NULL,
-    duration_ms BIGINT NULL,
-    status preview_status_enum NOT NULL DEFAULT 'pending',
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_file_preview_asset_source_object FOREIGN KEY (source_object_id) REFERENCES storage_object(object_id) ON DELETE CASCADE,
-    CONSTRAINT fk_file_preview_asset_preview_object FOREIGN KEY (preview_object_id) REFERENCES storage_object(object_id) ON DELETE SET NULL
-);
-
-CREATE UNIQUE INDEX IF NOT EXISTS uk_file_preview_asset_type_page
-    ON file_preview_asset (source_object_id, preview_type, (COALESCE(page_no, -1)));
-
-DROP TRIGGER IF EXISTS trg_file_preview_asset_updated_at ON file_preview_asset;
-CREATE TRIGGER trg_file_preview_asset_updated_at
-BEFORE UPDATE ON file_preview_asset
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- 媒体元数据：预览 / 转码 / 播放所需
-CREATE TABLE IF NOT EXISTS file_media_metadata (
-    metadata_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    source_object_id BIGINT NOT NULL UNIQUE,
-    width INTEGER NULL,
-    height INTEGER NULL,
-    duration_ms BIGINT NULL,
-    page_count INTEGER NULL,
-    bitrate INTEGER NULL,
-    sample_rate INTEGER NULL,
-    video_codec VARCHAR(64) NULL,
-    audio_codec VARCHAR(64) NULL,
-    extra_metadata JSONB NOT NULL DEFAULT '{}'::jsonb,
-    extracted_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_file_media_metadata_source_object FOREIGN KEY (source_object_id) REFERENCES storage_object(object_id) ON DELETE CASCADE
-);
-
--- 扫描结果：病毒 / 色情 / 其他违规检测
-CREATE TABLE IF NOT EXISTS object_scan_result (
-    scan_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    object_id BIGINT NOT NULL,
-    scan_type VARCHAR(50) NOT NULL,
-    engine_name VARCHAR(100) NULL,
-    engine_version VARCHAR(100) NULL,
-    result scan_result_enum NOT NULL DEFAULT 'pending',
-    details JSONB NOT NULL DEFAULT '{}'::jsonb,
-    scanned_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_object_scan_result_object FOREIGN KEY (object_id) REFERENCES storage_object(object_id) ON DELETE CASCADE
-);
-
-CREATE INDEX IF NOT EXISTS idx_object_scan_result_object_scanned_at
-    ON object_scan_result (object_id, scanned_at DESC);
-
--- 违规处理工单
-CREATE TABLE IF NOT EXISTS moderation_case (
-    case_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    object_id BIGINT NOT NULL,
-    file_id BIGINT NULL,
-    reason_type VARCHAR(50) NOT NULL,
-    confidence NUMERIC(5,4) NULL,
-    status VARCHAR(50) NOT NULL DEFAULT 'pending',
-    resolution VARCHAR(50) NULL,
-    detail JSONB NOT NULL DEFAULT '{}'::jsonb,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    handled_by BIGINT NULL,
-    handled_at TIMESTAMP NULL,
-    CONSTRAINT fk_moderation_case_object FOREIGN KEY (object_id) REFERENCES storage_object(object_id) ON DELETE CASCADE,
-    CONSTRAINT fk_moderation_case_file FOREIGN KEY (file_id) REFERENCES "file"(file_id) ON DELETE SET NULL,
-    CONSTRAINT fk_moderation_case_handled_by FOREIGN KEY (handled_by) REFERENCES "user"(user_id) ON DELETE SET NULL
-);
-
-CREATE INDEX IF NOT EXISTS idx_moderation_case_status_created_at
-    ON moderation_case (status, created_at DESC);
-
-DROP TRIGGER IF EXISTS trg_moderation_case_updated_at ON moderation_case;
-CREATE TRIGGER trg_moderation_case_updated_at
-BEFORE UPDATE ON moderation_case
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- 安全事件：限制滥用、审计风险行为
-CREATE TABLE IF NOT EXISTS security_event (
-    event_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NULL,
-    session_id BIGINT NULL,
-    event_type VARCHAR(50) NOT NULL,
-    severity VARCHAR(20) NOT NULL DEFAULT 'info',
-    target_type VARCHAR(50) NULL,
-    target_id BIGINT NULL,
-    ip_address VARCHAR(45) NULL,
-    user_agent VARCHAR(255) NULL,
-    detail JSONB NOT NULL DEFAULT '{}'::jsonb,
-    occurred_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_security_event_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE SET NULL,
-    CONSTRAINT fk_security_event_session FOREIGN KEY (session_id) REFERENCES user_session(session_id) ON DELETE SET NULL
-);
-
-CREATE INDEX IF NOT EXISTS idx_security_event_user_occurred_at
-    ON security_event (user_id, occurred_at DESC);
-CREATE INDEX IF NOT EXISTS idx_security_event_type_occurred_at
-    ON security_event (event_type, occurred_at DESC);
-
--- 批量下载任务：支持大目录异步打包下载
-CREATE TABLE IF NOT EXISTS batch_download_task (
-    task_id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    user_id BIGINT NOT NULL,
-    archive_name VARCHAR(255) NOT NULL,
-    item_count INTEGER NOT NULL DEFAULT 0,
-    items JSONB NOT NULL DEFAULT '[]'::jsonb,
-    status VARCHAR(50) NOT NULL DEFAULT 'pending',
-    storage_object_id BIGINT NULL,
-    expire_at TIMESTAMP NULL,
-    error_message TEXT NULL,
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    updated_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    completed_at TIMESTAMP NULL,
-    CONSTRAINT fk_batch_download_task_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE CASCADE,
-    CONSTRAINT fk_batch_download_task_storage_object FOREIGN KEY (storage_object_id) REFERENCES storage_object(object_id) ON DELETE SET NULL
-);
-
-CREATE INDEX IF NOT EXISTS idx_batch_download_task_user_status
-    ON batch_download_task (user_id, status);
-
-DROP TRIGGER IF EXISTS trg_batch_download_task_updated_at ON batch_download_task;
-CREATE TRIGGER trg_batch_download_task_updated_at
-BEFORE UPDATE ON batch_download_task
-FOR EACH ROW
-EXECUTE FUNCTION set_updated_at();
-
--- 分享访问日志：访问 / 下载统计明细
-CREATE TABLE IF NOT EXISTS share_access_log (
-    id BIGINT GENERATED BY DEFAULT AS IDENTITY PRIMARY KEY,
-    share_id BIGINT NOT NULL,
-    user_id BIGINT NULL,
-    event_type VARCHAR(20) NOT NULL,
-    ip_address VARCHAR(45) NULL,
-    user_agent VARCHAR(255) NULL,
-    result VARCHAR(20) NOT NULL DEFAULT 'success',
-    created_at TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    CONSTRAINT fk_share_access_log_share FOREIGN KEY (share_id) REFERENCES share(share_id) ON DELETE CASCADE,
-    CONSTRAINT fk_share_access_log_user FOREIGN KEY (user_id) REFERENCES "user"(user_id) ON DELETE SET NULL
-);
-
-CREATE INDEX IF NOT EXISTS idx_share_access_log_share_created_at
-    ON share_access_log (share_id, created_at DESC);
-
--- =========================
--- 3) 触发器 / 维护函数
--- =========================
-
--- 通知表：同步 is_read / read_at
-CREATE OR REPLACE FUNCTION sync_notification_read_at()
-RETURNS TRIGGER AS $$
-BEGIN
-    IF TG_OP = 'INSERT' THEN
-        IF NEW.is_read AND NEW.read_at IS NULL THEN
-            NEW.read_at = CURRENT_TIMESTAMP;
-        ELSIF NOT NEW.is_read THEN
-            NEW.read_at = NULL;
-        END IF;
-        RETURN NEW;
-    END IF;
-
-    IF NEW.is_read AND (OLD.is_read IS DISTINCT FROM NEW.is_read) AND NEW.read_at IS NULL THEN
-        NEW.read_at = CURRENT_TIMESTAMP;
-    ELSIF NOT NEW.is_read THEN
-        NEW.read_at = NULL;
-    ELSIF NEW.read_at IS NOT NULL THEN
-        NEW.is_read = TRUE;
-    END IF;
-
-    RETURN NEW;
-END;
-$$ LANGUAGE plpgsql;
-
-DROP TRIGGER IF EXISTS trg_notification_sync_read_at ON notification;
-CREATE TRIGGER trg_notification_sync_read_at
-BEFORE INSERT OR UPDATE ON notification
-FOR EACH ROW
-EXECUTE FUNCTION sync_notification_read_at();
-
--- 重建 / 维护用户已用空间
-CREATE OR REPLACE FUNCTION recalc_user_storage_used(p_user_id BIGINT)
-RETURNS VOID AS $$
-BEGIN
-    IF p_user_id IS NULL THEN
-        RETURN;
-    END IF;
-
-    UPDATE "user" u
-    SET storage_used = COALESCE((
-        SELECT SUM(f.file_size)
-        FROM "file" f
-        WHERE f.owner_id = p_user_id
-          AND f.status = 'active'
-    ), 0)
-    WHERE u.user_id = p_user_id;
-END;
-$$ LANGUAGE plpgsql;
-
--- 重建 / 维护物理对象引用数
-CREATE OR REPLACE FUNCTION recalc_storage_object_ref_count(p_object_id BIGINT)
-RETURNS VOID AS $$
-BEGIN
-    IF p_object_id IS NULL THEN
-        RETURN;
-    END IF;
-
-    UPDATE storage_object so
-    SET ref_count = COALESCE((
-        SELECT COUNT(*)
-        FROM "file" f
-        WHERE f.storage_object_id = p_object_id
-          AND f.status = 'active'
-    ), 0)
-    WHERE so.object_id = p_object_id;
-END;
-$$ LANGUAGE plpgsql;
-
--- 单个目录及其祖先目录大小回算（cached_size = 直属 active 文件大小 + 直属 active 子目录 cached_size）
-CREATE OR REPLACE FUNCTION recalc_folder_cached_size(p_folder_id BIGINT)
-RETURNS VOID AS $$
-DECLARE
-    v_folder_id BIGINT := p_folder_id;
-    v_parent_id BIGINT;
-BEGIN
-    WHILE v_folder_id IS NOT NULL LOOP
-        UPDATE folder f
-        SET cached_size =
-            COALESCE((
-                SELECT SUM(fi.file_size)
-                FROM "file" fi
-                WHERE fi.folder_id = f.folder_id
-                  AND fi.status = 'active'
-            ), 0)
-            +
-            COALESCE((
-                SELECT SUM(ch.cached_size)
-                FROM folder ch
-                WHERE ch.parent_folder_id = f.folder_id
-                  AND ch.status = 'active'
-            ), 0)
-        WHERE f.folder_id = v_folder_id;
-
-        SELECT parent_folder_id INTO v_parent_id
-        FROM folder
-        WHERE folder_id = v_folder_id;
-
-        v_folder_id := v_parent_id;
-    END LOOP;
-END;
-$$ LANGUAGE plpgsql;
-
--- 全量重建目录缓存大小
-CREATE OR REPLACE FUNCTION rebuild_all_folder_cached_size()
-RETURNS VOID AS $$
-DECLARE
-    r RECORD;
-BEGIN
-    FOR r IN
-        WITH RECURSIVE tree AS (
-            SELECT folder_id, parent_folder_id, 0 AS depth
-            FROM folder
-            WHERE parent_folder_id IS NULL
-
-            UNION ALL
-
-            SELECT f.folder_id, f.parent_folder_id, t.depth + 1
-            FROM folder f
-            JOIN tree t ON f.parent_folder_id = t.folder_id
-        )
-        SELECT folder_id
-        FROM tree
-        ORDER BY depth DESC, folder_id DESC
-    LOOP
-        PERFORM recalc_folder_cached_size(r.folder_id);
-    END LOOP;
-END;
-$$ LANGUAGE plpgsql;
-
--- 文件夹结构校验：同 owner、不能挂到自己的子孙目录下
-CREATE OR REPLACE FUNCTION check_folder_parent_valid()
-RETURNS TRIGGER AS $$
-DECLARE
-    v_parent_owner BIGINT;
-    v_parent_status folder_status_enum;
-    v_has_cycle BOOLEAN := FALSE;
-BEGIN
-    IF NEW.parent_folder_id IS NULL THEN
-        RETURN NEW;
-    END IF;
-
-    SELECT owner_id, status
-      INTO v_parent_owner, v_parent_status
-    FROM folder
-    WHERE folder_id = NEW.parent_folder_id;
-
-    IF NOT FOUND THEN
-        RAISE EXCEPTION 'Parent folder % does not exist', NEW.parent_folder_id;
-    END IF;
-
-    IF v_parent_owner <> NEW.owner_id THEN
-        RAISE EXCEPTION 'Parent folder owner must match folder owner';
-    END IF;
-
-    IF NEW.status = 'active' AND v_parent_status <> 'active' THEN
-        RAISE EXCEPTION 'Active folder cannot be placed under a non-active parent folder';
-    END IF;
-
-    IF NEW.folder_id IS NOT NULL THEN
-        IF NEW.parent_folder_id = NEW.folder_id THEN
-            RAISE EXCEPTION 'Folder cannot be its own parent';
-        END IF;
-
-        WITH RECURSIVE descendants AS (
-            SELECT folder_id
-            FROM folder
-            WHERE parent_folder_id = NEW.folder_id
-
-            UNION ALL
-
-            SELECT f.folder_id
-            FROM folder f
-            JOIN descendants d ON f.parent_folder_id = d.folder_id
-        )
-        SELECT EXISTS(
-            SELECT 1
-            FROM descendants
-            WHERE folder_id = NEW.parent_folder_id
-        )
-        INTO v_has_cycle;
-
-        IF v_has_cycle THEN
-            RAISE EXCEPTION 'Folder cannot be moved into its own descendant';
-        END IF;
-    END IF;
-
-    RETURN NEW;
-END;
-$$ LANGUAGE plpgsql;
-
-DROP TRIGGER IF EXISTS trg_folder_validate ON folder;
-CREATE TRIGGER trg_folder_validate
-BEFORE INSERT OR UPDATE OF parent_folder_id, owner_id, status ON folder
-FOR EACH ROW
-EXECUTE FUNCTION check_folder_parent_valid();
-
--- 文件落目录校验：active 文件必须落在 active 且同 owner 的目录下
-CREATE OR REPLACE FUNCTION check_file_folder_valid()
-RETURNS TRIGGER AS $$
-DECLARE
-    v_folder_owner BIGINT;
-    v_folder_status folder_status_enum;
-BEGIN
-    SELECT owner_id, status
-      INTO v_folder_owner, v_folder_status
-    FROM folder
-    WHERE folder_id = NEW.folder_id;
-
-    IF NOT FOUND THEN
-        RAISE EXCEPTION 'Folder % does not exist', NEW.folder_id;
-    END IF;
-
-    IF NEW.status = 'active' THEN
-        IF v_folder_owner <> NEW.owner_id THEN
-            RAISE EXCEPTION 'File owner must match folder owner';
-        END IF;
-
-        IF v_folder_status <> 'active' THEN
-            RAISE EXCEPTION 'Active file cannot be placed under a non-active folder';
-        END IF;
-    END IF;
-
-    RETURN NEW;
-END;
-$$ LANGUAGE plpgsql;
-
-DROP TRIGGER IF EXISTS trg_file_validate ON "file";
-CREATE TRIGGER trg_file_validate
-BEFORE INSERT OR UPDATE OF folder_id, owner_id, status ON "file"
-FOR EACH ROW
-EXECUTE FUNCTION check_file_folder_valid();
-
--- 文件变更后：回算 storage_object.ref_count、user.storage_used、folder.cached_size
-CREATE OR REPLACE FUNCTION sync_file_derived_fields()
-RETURNS TRIGGER AS $$
-BEGIN
-    IF TG_OP = 'INSERT' THEN
-        PERFORM recalc_storage_object_ref_count(NEW.storage_object_id);
-        PERFORM recalc_user_storage_used(NEW.owner_id);
-        PERFORM recalc_folder_cached_size(NEW.folder_id);
-        RETURN NULL;
-    ELSIF TG_OP = 'UPDATE' THEN
-        PERFORM recalc_storage_object_ref_count(OLD.storage_object_id);
-        IF NEW.storage_object_id IS DISTINCT FROM OLD.storage_object_id THEN
-            PERFORM recalc_storage_object_ref_count(NEW.storage_object_id);
-        END IF;
-
-        PERFORM recalc_user_storage_used(OLD.owner_id);
-        IF NEW.owner_id IS DISTINCT FROM OLD.owner_id THEN
-            PERFORM recalc_user_storage_used(NEW.owner_id);
-        END IF;
-
-        PERFORM recalc_folder_cached_size(OLD.folder_id);
-        IF NEW.folder_id IS DISTINCT FROM OLD.folder_id THEN
-            PERFORM recalc_folder_cached_size(NEW.folder_id);
-        END IF;
-        RETURN NULL;
-    ELSE
-        PERFORM recalc_storage_object_ref_count(OLD.storage_object_id);
-        PERFORM recalc_user_storage_used(OLD.owner_id);
-        PERFORM recalc_folder_cached_size(OLD.folder_id);
-        RETURN NULL;
-    END IF;
-END;
-$$ LANGUAGE plpgsql;
-
-DROP TRIGGER IF EXISTS trg_file_sync_derived_fields ON "file";
-CREATE TRIGGER trg_file_sync_derived_fields
-AFTER INSERT OR UPDATE OR DELETE ON "file"
-FOR EACH ROW
-EXECUTE FUNCTION sync_file_derived_fields();
-
--- 目录结构变化后：回算目录大小
-CREATE OR REPLACE FUNCTION sync_folder_cached_size()
-RETURNS TRIGGER AS $$
-BEGIN
-    IF TG_OP = 'INSERT' THEN
-        PERFORM recalc_folder_cached_size(NEW.folder_id);
-        PERFORM recalc_folder_cached_size(NEW.parent_folder_id);
-        RETURN NULL;
-    ELSIF TG_OP = 'UPDATE' THEN
-        PERFORM recalc_folder_cached_size(OLD.parent_folder_id);
-        PERFORM recalc_folder_cached_size(NEW.folder_id);
-        IF NEW.parent_folder_id IS DISTINCT FROM OLD.parent_folder_id THEN
-            PERFORM recalc_folder_cached_size(NEW.parent_folder_id);
-        END IF;
-        RETURN NULL;
-    ELSE
-        PERFORM recalc_folder_cached_size(OLD.parent_folder_id);
-        RETURN NULL;
-    END IF;
-END;
-$$ LANGUAGE plpgsql;
-
-DROP TRIGGER IF EXISTS trg_folder_sync_cached_size ON folder;
-CREATE TRIGGER trg_folder_sync_cached_size
-AFTER INSERT OR DELETE OR UPDATE OF parent_folder_id, status ON folder
-FOR EACH ROW
-EXECUTE FUNCTION sync_folder_cached_size();
-
--- =========================
--- 4) 初始化缓存字段
--- =========================
-
-UPDATE storage_object so
-SET ref_count = x.ref_count
-FROM (
-    SELECT storage_object_id, COUNT(*) AS ref_count
-    FROM "file"
-    WHERE status = 'active'
-    GROUP BY storage_object_id
-) x
-WHERE so.object_id = x.storage_object_id;
-
-UPDATE storage_object so
-SET ref_count = 0
-WHERE NOT EXISTS (
-    SELECT 1
-    FROM "file" f
-    WHERE f.storage_object_id = so.object_id
-      AND f.status = 'active'
-);
-
-UPDATE "user" u
-SET storage_used = x.total_size
-FROM (
-    SELECT owner_id AS user_id, COALESCE(SUM(file_size), 0) AS total_size
-    FROM "file"
-    WHERE status = 'active'
-    GROUP BY owner_id
-) x
-WHERE u.user_id = x.user_id;
-
-UPDATE "user" u
-SET storage_used = 0
-WHERE NOT EXISTS (
-    SELECT 1
-    FROM "file" f
-    WHERE f.owner_id = u.user_id
-      AND f.status = 'active'
-);
-
-SELECT rebuild_all_folder_cached_size();
-
--- =========================
--- 5) 视图重建
--- =========================
-DROP VIEW IF EXISTS v_shared_with_me;
-DROP VIEW IF EXISTS v_user_permissions;
-DROP VIEW IF EXISTS v_user_recycle_bin;
-DROP VIEW IF EXISTS v_full_path;
-DROP VIEW IF EXISTS v_file_folder_details;
-DROP VIEW IF EXISTS v_user_storage_summary;
-DROP VIEW IF EXISTS v_admin_share_overview;
-DROP VIEW IF EXISTS v_user_dashboard;
-
--- 文件 / 文件夹统一明细视图
-CREATE VIEW v_file_folder_details AS
-SELECT
-    'file' AS item_type,
-    f.file_id AS id,
-    f.file_name AS name,
-    f.file_size AS size,
-    f.mime_type,
-    f.folder_id AS parent_id,
-    f.owner_id,
-    u.username AS owner_name,
-    f.created_at,
-    f.updated_at
-FROM "file" f
-JOIN "user" u ON f.owner_id = u.user_id
-JOIN storage_object so ON f.storage_object_id = so.object_id
-WHERE f.status = 'active'
-  AND so.upload_status = 'active'
-
-UNION ALL
-
-SELECT
-    'folder' AS item_type,
-    fo.folder_id AS id,
-    fo.folder_name AS name,
-    fo.cached_size AS size,
-    'inode/directory' AS mime_type,
-    fo.parent_folder_id AS parent_id,
-    fo.owner_id,
-    u.username AS owner_name,
-    fo.created_at,
-    fo.updated_at
-FROM folder fo
-JOIN "user" u ON fo.owner_id = u.user_id
-WHERE fo.status = 'active';
-
--- 用户权限视图：同时展开 direct user 授权和 group 授权
-CREATE VIEW v_user_permissions AS
-SELECT
-    acl.id AS acl_id,
-    u.user_id,
-    u.username AS user_name,
-    COALESCE(f.file_id, fo.folder_id) AS item_id,
-    COALESCE(f.file_name, fo.folder_name) AS item_name,
-    CASE WHEN acl.file_id IS NOT NULL THEN 'file' ELSE 'folder' END AS item_type,
-    acl.permission_role,
-    acl.can_preview,
-    acl.can_download,
-    acl.can_save,
-    acl.can_share,
-    acl.expire_at,
-    'direct'::TEXT AS grant_source
-FROM acl
-JOIN "user" u ON acl.user_id = u.user_id
-LEFT JOIN "file" f ON acl.file_id = f.file_id AND f.status = 'active'
-LEFT JOIN folder fo ON acl.folder_id = fo.folder_id AND fo.status = 'active'
-WHERE acl.user_id IS NOT NULL
-  AND (
-      (acl.file_id IS NOT NULL AND f.file_id IS NOT NULL)
-      OR
-      (acl.folder_id IS NOT NULL AND fo.folder_id IS NOT NULL)
-  )
-
-UNION ALL
-
-SELECT
-    acl.id AS acl_id,
-    u.user_id,
-    u.username AS user_name,
-    COALESCE(f.file_id, fo.folder_id) AS item_id,
-    COALESCE(f.file_name, fo.folder_name) AS item_name,
-    CASE WHEN acl.file_id IS NOT NULL THEN 'file' ELSE 'folder' END AS item_type,
-    acl.permission_role,
-    acl.can_preview,
-    acl.can_download,
-    acl.can_save,
-    acl.can_share,
-    acl.expire_at,
-    'group'::TEXT AS grant_source
-FROM acl
-JOIN user_group_member ugm ON acl.group_id = ugm.group_id
-JOIN "user" u ON ugm.user_id = u.user_id
-LEFT JOIN "file" f ON acl.file_id = f.file_id AND f.status = 'active'
-LEFT JOIN folder fo ON acl.folder_id = fo.folder_id AND fo.status = 'active'
-WHERE acl.group_id IS NOT NULL
-  AND (
-      (acl.file_id IS NOT NULL AND f.file_id IS NOT NULL)
-      OR
-      (acl.folder_id IS NOT NULL AND fo.folder_id IS NOT NULL)
-  );
-
--- 用户空间汇总
-CREATE VIEW v_user_storage_summary AS
-SELECT
-    user_id,
-    username,
-    status,
-    storage_limit,
-    storage_used,
-    CASE
-        WHEN storage_limit <= 0 THEN 0::NUMERIC(10,2)
-        ELSE ROUND((storage_used::NUMERIC / storage_limit::NUMERIC) * 100, 2)
-    END AS storage_used_pct
-FROM "user";
-
--- “共享给我”：基于 share + share_member，包含待接受 / 已接受两种状态
-CREATE VIEW v_shared_with_me AS
-SELECT
-    s.share_id,
-    CASE WHEN s.file_id IS NOT NULL THEN 'file' ELSE 'folder' END AS item_type,
-    COALESCE(f.file_id, fo.folder_id) AS item_id,
-    COALESCE(f.file_name, fo.folder_name) AS item_name,
-    owner.user_id AS shared_by_user_id,
-    owner.username AS shared_by,
-    sm.user_id AS shared_to_user_id,
-    sm.status AS member_status,
-    s.share_type,
-    s.permission_role,
-    s.allow_preview,
-    s.allow_download,
-    s.allow_save,
-    s.allow_reshare,
-    sm.target_folder_id,
-    sm.accepted_at,
-    s.expire_time,
-    s.created_at AS shared_at
-FROM share s
-JOIN share_member sm ON s.share_id = sm.share_id
-JOIN "user" owner ON s.user_id = owner.user_id
-LEFT JOIN "file" f ON s.file_id = f.file_id AND f.status = 'active'
-LEFT JOIN folder fo ON s.folder_id = fo.folder_id AND fo.status = 'active'
-WHERE sm.user_id IS NOT NULL
-  AND sm.status IN ('pending', 'accepted')
-  AND s.status = 'active'
-  AND (s.expire_time IS NULL OR s.expire_time > CURRENT_TIMESTAMP)
-  AND (
-      (s.file_id IS NOT NULL AND f.file_id IS NOT NULL)
-      OR
-      (s.folder_id IS NOT NULL AND fo.folder_id IS NOT NULL)
-  )
-
-UNION ALL
-
-SELECT
-    s.share_id,
-    CASE WHEN s.file_id IS NOT NULL THEN 'file' ELSE 'folder' END AS item_type,
-    COALESCE(f.file_id, fo.folder_id) AS item_id,
-    COALESCE(f.file_name, fo.folder_name) AS item_name,
-    owner.user_id AS shared_by_user_id,
-    owner.username AS shared_by,
-    ugm.user_id AS shared_to_user_id,
-    sm.status AS member_status,
-    s.share_type,
-    s.permission_role,
-    s.allow_preview,
-    s.allow_download,
-    s.allow_save,
-    s.allow_reshare,
-    sm.target_folder_id,
-    sm.accepted_at,
-    s.expire_time,
-    s.created_at AS shared_at
-FROM share s
-JOIN share_member sm ON s.share_id = sm.share_id
-JOIN user_group_member ugm ON sm.group_id = ugm.group_id
-JOIN "user" owner ON s.user_id = owner.user_id
-LEFT JOIN "file" f ON s.file_id = f.file_id AND f.status = 'active'
-LEFT JOIN folder fo ON s.folder_id = fo.folder_id AND fo.status = 'active'
-WHERE sm.group_id IS NOT NULL
-  AND sm.status IN ('pending', 'accepted')
-  AND s.status = 'active'
-  AND (s.expire_time IS NULL OR s.expire_time > CURRENT_TIMESTAMP)
-  AND (
-      (s.file_id IS NOT NULL AND f.file_id IS NOT NULL)
-      OR
-      (s.folder_id IS NOT NULL AND fo.folder_id IS NOT NULL)
-  );
-
--- 目录全路径：按 owner 隔离，且只看 active 目录
-CREATE VIEW v_full_path AS
-WITH RECURSIVE folder_path AS (
-    SELECT
-        folder_id,
-        owner_id,
-        parent_folder_id,
-        folder_name,
-        CAST(folder_name AS VARCHAR(2048)) AS path
-    FROM folder
-    WHERE parent_folder_id IS NULL
-      AND status = 'active'
-
-    UNION ALL
-
-    SELECT
-        f.folder_id,
-        f.owner_id,
-        f.parent_folder_id,
-        f.folder_name,
-        fp.path || '/' || f.folder_name AS path
-    FROM folder f
-    JOIN folder_path fp
-      ON f.parent_folder_id = fp.folder_id
-     AND f.owner_id = fp.owner_id
-    WHERE f.status = 'active'
-)
-SELECT
-    folder_id AS id,
-    owner_id,
-    parent_folder_id,
-    path
-FROM folder_path;
-
--- 回收站视图：修正 file.owner_id，并改用 cached_size
-CREATE VIEW v_user_recycle_bin AS
-SELECT
-    'file' AS item_type,
-    f.file_id AS id,
-    f.file_name AS name,
-    f.file_size AS size,
-    f.folder_id AS parent_id,
-    f.owner_id,
-    u.username AS owner_name,
-    f.deleted_at
-FROM "file" f
-JOIN "user" u ON f.owner_id = u.user_id
-WHERE f.status = 'deleted'
-  AND f.deleted_at IS NOT NULL
-
-UNION ALL
-
-SELECT
-    'folder' AS item_type,
-    fo.folder_id AS id,
-    fo.folder_name AS name,
-    fo.cached_size AS size,
-    fo.parent_folder_id AS parent_id,
-    fo.owner_id,
-    u.username AS owner_name,
-    fo.deleted_at
-FROM folder fo
-JOIN "user" u ON fo.owner_id = u.user_id
-WHERE fo.status = 'deleted'
-  AND fo.deleted_at IS NOT NULL;
-
--- 管理员查看分享链接总览
-CREATE VIEW v_admin_share_overview AS
-SELECT
-    s.share_id,
-    s.share_code,
-    s.status,
-    s.share_type,
-    s.user_id AS created_by_user_id,
-    u.username AS created_by,
-    CASE WHEN s.file_id IS NOT NULL THEN 'file' ELSE 'folder' END AS item_type,
-    COALESCE(f.file_id, fo.folder_id) AS item_id,
-    COALESCE(f.file_name, fo.folder_name) AS item_name,
-    s.permission_role,
-    s.allow_preview,
-    s.allow_download,
-    s.allow_save,
-    s.allow_reshare,
-    s.require_login,
-    s.password_hash IS NOT NULL AS has_password,
-    s.expire_time,
-    s.visit_count,
-    s.download_count,
-    s.created_at,
-    s.updated_at
-FROM share s
-JOIN "user" u ON s.user_id = u.user_id
-LEFT JOIN "file" f ON s.file_id = f.file_id
-LEFT JOIN folder fo ON s.folder_id = fo.folder_id;
-
--- 管理员用户仪表盘
-CREATE VIEW v_user_dashboard AS
-SELECT
-    u.user_id,
-    u.username,
-    u.email,
-    u.status,
-    u.storage_limit,
-    u.storage_used,
-    CASE
-        WHEN u.storage_limit <= 0 THEN 0::NUMERIC(10,2)
-        ELSE ROUND((u.storage_used::NUMERIC / u.storage_limit::NUMERIC) * 100, 2)
-    END AS storage_used_pct,
-    COALESCE(f.file_count, 0) AS active_file_count,
-    COALESCE(fo.folder_count, 0) AS active_folder_count,
-    COALESCE(s.active_share_count, 0) AS active_share_count,
-    COALESCE(fv.favorite_count, 0) AS favorite_count,
-    u.last_login_at,
-    u.created_at
-FROM "user" u
-LEFT JOIN (
-    SELECT owner_id, COUNT(*) AS file_count
-    FROM "file"
-    WHERE status = 'active'
-    GROUP BY owner_id
-) f ON u.user_id = f.owner_id
-LEFT JOIN (
-    SELECT owner_id, COUNT(*) AS folder_count
-    FROM folder
-    WHERE status = 'active'
-    GROUP BY owner_id
-) fo ON u.user_id = fo.owner_id
-LEFT JOIN (
-    SELECT user_id, COUNT(*) AS active_share_count
-    FROM share
-    WHERE status = 'active'
-      AND (expire_time IS NULL OR expire_time > CURRENT_TIMESTAMP)
-    GROUP BY user_id
-) s ON u.user_id = s.user_id
-LEFT JOIN (
-    SELECT user_id, COUNT(*) AS favorite_count
-    FROM favorite_item
-    GROUP BY user_id
-) fv ON u.user_id = fv.user_id;

From 1ab6955a89d15d1c5508ad0b7d0dc53c742a1ad8 Mon Sep 17 00:00:00 2001
From: 0neStep <146049978+AperturePlus@users.noreply.github.com>
Date: Sat, 21 Mar 2026 15:46:43 +0800
Subject: [PATCH 2/8] feat(app): add SQLAlchemy engine session bootstrap

---
 app/src/db/session.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 app/src/db/session.py

diff --git a/app/src/db/session.py b/app/src/db/session.py
new file mode 100644
index 0000000..478e12b
--- /dev/null
+++ b/app/src/db/session.py
@@ -0,0 +1,12 @@
+from sqlalchemy import create_engine
+from sqlalchemy.orm import sessionmaker
+import os
+
+DATABASE_URL= os.getenv("DATABASE_URL")
+
+if not DATABASE_URL:
+    raise ValueError("DATABASE_URL environment variable is not set")
+
+engine = create_engine(
+    url=DATABASE_URL,
+)
\ No newline at end of file

From c65a789b056b57cf961723811f39986e9e1fbd27 Mon Sep 17 00:00:00 2001
From: 0neStep <146049978+AperturePlus@users.noreply.github.com>
Date: Sat, 21 Mar 2026 15:47:03 +0800
Subject: [PATCH 3/8] feat(mock): build stateful mock backend for auth, files,
 sharing and admin

---
 web/src/mock/handlers/auth.ts         | 212 +++++++--
 web/src/mock/handlers/file.ts         | 434 +++++++++++++----
 web/src/mock/handlers/folder.ts       | 306 +++++++++---
 web/src/mock/handlers/log.ts          |  39 ++
 web/src/mock/handlers/notification.ts | 116 +++++
 web/src/mock/handlers/permission.ts   | 142 ++++++
 web/src/mock/handlers/recycle.ts      | 150 ++++--
 web/src/mock/handlers/share.ts        | 246 ++++++++--
 web/src/mock/handlers/storage.ts      | 127 +++++
 web/src/mock/handlers/upload.ts       | 232 ++++++---
 web/src/mock/handlers/user.ts         | 340 +++++++++-----
 web/src/mock/handlers/usergroup.ts    | 189 +++++++-
 web/src/mock/index.ts                 |  10 +-
 web/src/mock/state.ts                 | 272 +++++++++++
 web/src/mock/vfs.ts                   | 647 +++++++++++++++++++-------
 15 files changed, 2856 insertions(+), 606 deletions(-)
 create mode 100644 web/src/mock/handlers/log.ts
 create mode 100644 web/src/mock/handlers/notification.ts
 create mode 100644 web/src/mock/handlers/permission.ts
 create mode 100644 web/src/mock/handlers/storage.ts
 create mode 100644 web/src/mock/state.ts

diff --git a/web/src/mock/handlers/auth.ts b/web/src/mock/handlers/auth.ts
index 468d5aa..3c6b29d 100644
--- a/web/src/mock/handlers/auth.ts
+++ b/web/src/mock/handlers/auth.ts
@@ -1,53 +1,177 @@
 import Mock from 'mockjs';
+import { addLog, addNotification, createMockId, mockUsers } from '../state';
 
 export const setupAuthMocks = () => {
-  // 登录接口
-  Mock.mock(/\/api\/v1\/auth\/login/, 'post', {
-    success: true,
-    code: 200,
-    message: 'Login successful',
-    data: { 
-      token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.mock-access-token-@datetime',
-      tokenType: 'Bearer',
-      expiresIn: 3600, 
-      refreshToken: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.mock-refresh-token-@datetime',
-      user: { 
-        userId: 'user1', 
-        username: 'Demo User', 
-        email: 'demo@example.com',
-        storageLimit: 107374182400, // 100GB
-        storageUsed: 21474836480,   // 20GB
-        createdAt: '@datetime'
-      } 
-    },
+  Mock.mock(/\/api\/v1\/auth\/login/, 'post', (options) => {
+    const { username, password } = JSON.parse(options.body || '{}');
+    const targetUser = mockUsers.find((user) =>
+      user.username.toLowerCase() === String(username || '').toLowerCase() ||
+      user.email.toLowerCase() === String(username || '').toLowerCase(),
+    );
+
+    if (!targetUser || !password) {
+      return {
+        success: false,
+        code: 401,
+        message: 'Invalid username or password',
+        data: null,
+      };
+    }
+
+    if (targetUser.status === 'suspended') {
+      return {
+        success: false,
+        code: 403,
+        message: 'Account is suspended',
+        data: null,
+      };
+    }
+
+    addLog('user_login', { userId: targetUser.userId, username: targetUser.username });
+
+    return {
+      success: true,
+      code: 200,
+      message: 'Login successful',
+      data: {
+        token: `mock-access-${createMockId('token')}`,
+        tokenType: 'Bearer',
+        expiresIn: 3600,
+        refreshToken: `mock-refresh-${createMockId('token')}`,
+        user: {
+          userId: targetUser.userId,
+          username: targetUser.username,
+          email: targetUser.email,
+          storageLimit: targetUser.storageLimit,
+          storageUsed: targetUser.storageUsed,
+          createdAt: targetUser.createdAt,
+        },
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/auth\/register/, 'post', (options) => {
+    const { username, email } = JSON.parse(options.body || '{}');
+
+    if (!username || !email) {
+      return {
+        success: false,
+        code: 400,
+        message: 'Username and email are required',
+        data: null,
+      };
+    }
+
+    const exists = mockUsers.some((user) =>
+      user.username.toLowerCase() === String(username).toLowerCase() ||
+      user.email.toLowerCase() === String(email).toLowerCase(),
+    );
+
+    if (exists) {
+      return {
+        success: false,
+        code: 409,
+        message: 'User already exists',
+        data: null,
+      };
+    }
+
+    const createdUser = {
+      userId: createMockId('user'),
+      username,
+      email,
+      storageLimit: 50 * 1024 * 1024 * 1024,
+      storageUsed: 0,
+      createdAt: new Date().toISOString(),
+      status: 'active' as const,
+      role: 'user' as const,
+    };
+
+    mockUsers.push(createdUser);
+
+    addLog('user_register', { userId: createdUser.userId, email: createdUser.email });
+    addNotification(`Registration email sent to ${createdUser.email}`, true);
+
+    return {
+      success: true,
+      code: 201,
+      message: 'Registration successful',
+      data: {
+        ...createdUser,
+        groups: [],
+        updatedAt: createdUser.createdAt,
+        lastLogin: createdUser.createdAt,
+      },
+    };
   });
 
-  // 刷新令牌接口
-  Mock.mock(/\/api\/v1\/auth\/refresh/, 'post', {
-    success: true,
-    code: 200,
-    message: 'Token refreshed successfully',
-    data: {
-      token: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.new-access-token-@datetime',
-      tokenType: 'Bearer',
-      expiresIn: 3600,
-      refreshToken: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.new-refresh-token-@datetime',
-      user: {
-        userId: 'user1',
-        username: 'Demo User',
-        email: 'demo@example.com',
-        storageLimit: 107374182400,
-        storageUsed: 21474836480,
-        createdAt: '@datetime'
-      }
+  Mock.mock(/\/api\/v1\/auth\/forgot-password/, 'post', (options) => {
+    const { email } = JSON.parse(options.body || '{}');
+
+    if (!email) {
+      return {
+        success: false,
+        code: 400,
+        message: 'Email is required',
+        data: null,
+      };
     }
+
+    addLog('password_reset_request', { email });
+    addNotification(`Password reset email queued for ${email}`, true);
+
+    return {
+      success: true,
+      code: 200,
+      message: 'If this email exists, a reset link has been sent',
+      data: {
+        requestId: createMockId('pwd_reset'),
+        expiresInMinutes: 15,
+      },
+    };
   });
 
-  // 登出接口
-  Mock.mock(/\/api\/v1\/auth\/logout/, 'post', {
-    success: true,
-    code: 200,
-    message: 'Logout successful',
-    data: null
+  Mock.mock(/\/api\/v1\/auth\/reset-password/, 'post', () => {
+    addLog('password_reset_complete', { status: 'ok' });
+
+    return {
+      success: true,
+      code: 200,
+      message: 'Password has been reset successfully',
+      data: null,
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/auth\/refresh/, 'post', () => {
+    return {
+      success: true,
+      code: 200,
+      message: 'Token refreshed successfully',
+      data: {
+        token: `mock-access-${createMockId('token')}`,
+        tokenType: 'Bearer',
+        expiresIn: 3600,
+        refreshToken: `mock-refresh-${createMockId('token')}`,
+        user: {
+          userId: mockUsers[0].userId,
+          username: mockUsers[0].username,
+          email: mockUsers[0].email,
+          storageLimit: mockUsers[0].storageLimit,
+          storageUsed: mockUsers[0].storageUsed,
+          createdAt: mockUsers[0].createdAt,
+        },
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/auth\/logout/, 'post', () => {
+    addLog('user_logout', { status: 'ok' });
+
+    return {
+      success: true,
+      code: 200,
+      message: 'Logout successful',
+      data: null,
+    };
   });
-}; 
\ No newline at end of file
+};
diff --git a/web/src/mock/handlers/file.ts b/web/src/mock/handlers/file.ts
index 92cb971..6efe1b3 100644
--- a/web/src/mock/handlers/file.ts
+++ b/web/src/mock/handlers/file.ts
@@ -1,118 +1,392 @@
-import Mock from 'mockjs';
-import { vfsApi } from '../vfs';
 import JSZip from 'jszip';
+import Mock from 'mockjs';
+import { addLog, addNotification } from '../state';
+import { vfsApi, type VfsNode } from '../vfs';
+
+function parseUrl(url: string) {
+  return new URL(url, 'http://localhost');
+}
 
-// Helper to convert base64 to blob
-function base64ToBlob(base64: string, type: string): Blob {
-  const byteCharacters = atob(base64);
-  const byteNumbers = new Array(byteCharacters.length);
-  for (let i = 0; i < byteCharacters.length; i++) {
-    byteNumbers[i] = byteCharacters.charCodeAt(i);
+function nodeToItem(node: VfsNode) {
+  if (node.type === 'folder') {
+    return {
+      itemType: 'folder' as const,
+      id: node.id,
+      name: node.name,
+      size: vfsApi.getFolderStats(node.id).totalSize,
+      ownerName: 'You',
+      updatedAt: node.updatedAt,
+      createdAt: node.createdAt,
+      parentFolderId: node.parent,
+      permission: node.permission || 'owner',
+      isStarred: node.isStarred || false,
+    };
   }
-  const byteArray = new Uint8Array(byteNumbers);
-  return new Blob([byteArray], { type });
+
+  return {
+    itemType: 'file' as const,
+    id: node.id,
+    name: node.name,
+    size: node.size || 0,
+    mimeType: node.mimeType || 'application/octet-stream',
+    ownerName: 'You',
+    updatedAt: node.updatedAt,
+    createdAt: node.createdAt,
+    folderId: node.parent || 'root',
+    permission: node.permission || 'owner',
+    isStarred: node.isStarred || false,
+  };
 }
 
+function buildMockFileBlob(file: VfsNode) {
+  if (file.content) {
+    const byteCharacters = atob(file.content);
+    const byteNumbers = new Array(byteCharacters.length);
+    for (let i = 0; i < byteCharacters.length; i += 1) {
+      byteNumbers[i] = byteCharacters.charCodeAt(i);
+    }
+    const byteArray = new Uint8Array(byteNumbers);
+    return new Blob([byteArray], { type: file.mimeType || 'application/octet-stream' });
+  }
+
+  if ((file.mimeType || '').startsWith('text/')) {
+    return new Blob([`Mock content for ${file.name}`], { type: file.mimeType || 'text/plain' });
+  }
+
+  if ((file.mimeType || '').startsWith('image/')) {
+    const svg = `<svg xmlns=\"http://www.w3.org/2000/svg\" width=\"640\" height=\"360\"><rect width=\"100%\" height=\"100%\" fill=\"#1f2937\"/><text x=\"50%\" y=\"50%\" dominant-baseline=\"middle\" text-anchor=\"middle\" fill=\"#f9fafb\" font-size=\"24\">${file.name}</text></svg>`;
+    return new Blob([svg], { type: 'image/svg+xml' });
+  }
+
+  if ((file.mimeType || '').startsWith('audio/')) {
+    return new Blob([], { type: file.mimeType || 'audio/mpeg' });
+  }
+
+  if ((file.mimeType || '').startsWith('video/')) {
+    return new Blob([], { type: file.mimeType || 'video/mp4' });
+  }
+
+  if (file.mimeType === 'application/pdf') {
+    const text = `%PDF-1.4\n1 0 obj<<>>endobj\ntrailer<<>>\n%%EOF`;
+    return new Blob([text], { type: 'application/pdf' });
+  }
+
+  return new Blob([`Binary file: ${file.name}`], { type: file.mimeType || 'application/octet-stream' });
+}
+
+function getSortedItems(items: VfsNode[], sort: string | null, order: string | null) {
+  const sortField = sort || 'name';
+  const sortOrder = order === 'desc' ? -1 : 1;
+
+  return [...items].sort((a, b) => {
+    if (a.type === 'folder' && b.type === 'file') return -1;
+    if (a.type === 'file' && b.type === 'folder') return 1;
+
+    let compareValue = 0;
+    if (sortField === 'size') {
+      compareValue = (a.size || 0) - (b.size || 0);
+    } else if (sortField === 'updatedAt') {
+      compareValue = new Date(a.updatedAt).getTime() - new Date(b.updatedAt).getTime();
+    } else if (sortField === 'createdAt') {
+      compareValue = new Date(a.createdAt).getTime() - new Date(b.createdAt).getTime();
+    } else {
+      compareValue = a.name.localeCompare(b.name, undefined, { sensitivity: 'base' });
+    }
+
+    return compareValue * sortOrder;
+  });
+}
 
 export const setupFileMocks = () => {
-  // Download File
-  Mock.mock(/\/api\/v1\/files\/(.+)\/download/, 'get', (options) => {
-    const fileId = (options.url.match(/\/api\/v1\/files\/(.+)\/download/) || [])[1];
-    const file = vfsApi.get(fileId);
+  Mock.mock(/\/api\/v1\/files\/?(\?.*)?$/, 'get', (options) => {
+    const url = parseUrl(options.url);
+    const folderId = url.searchParams.get('folderId') || 'root';
+    const search = url.searchParams.get('search');
+    const sort = url.searchParams.get('sort');
+    const order = url.searchParams.get('order');
+
+    const sourceItems = search
+      ? vfsApi.search(folderId, search)
+      : vfsApi.getChildren(folderId);
+
+    const sorted = getSortedItems(sourceItems, sort, order);
+    const mapped = sorted.map(nodeToItem);
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        items: mapped,
+        pagination: {
+          totalItems: mapped.length,
+          totalPages: 1,
+          perPage: mapped.length,
+          currentPage: 1,
+          hasPrev: false,
+          hasNext: false,
+        },
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/files\/starred$/, 'get', () => {
+    const starred = vfsApi.getStarred().map(nodeToItem);
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        items: starred,
+        pagination: {
+          totalItems: starred.length,
+          totalPages: 1,
+          perPage: starred.length,
+          currentPage: 1,
+          hasPrev: false,
+          hasNext: false,
+        },
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/files\/([^/]+)$/, 'get', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/files\/([^/?]+)/) || [])[1];
+    const node = vfsApi.get(fileId);
 
-    if (!file || file.type !== 'file') {
+    if (!node || node.type !== 'file' || node.isTrashed) {
       return {
         success: false,
         code: 404,
         message: 'File not found',
+        data: null,
       };
     }
-    
-    // If the file has real content stored, decode and serve it
-    if (file.content) {
-      // We don't store mime type, so we use a generic one.
-      // In a real backend, you'd store and retrieve the mime type.
-      return base64ToBlob(file.content, file.mimeType || 'application/octet-stream');
-    }
 
-    // Fallback for files without stored content
-    const content = `Mock content for ${file.name}`;
-    const blob = new Blob([content], { type: 'application/octet-stream' });
-    
-    // Return the blob directly for download
-    return blob;
+    return {
+      success: true,
+      code: 200,
+      data: {
+        ...nodeToItem(node),
+        status: true,
+      },
+    };
   });
 
-  // Preview File (similar to download for now)
-  Mock.mock(/\/api\/v1\/files\/(.+)\/preview/, 'get', (options) => {
-    const fileId = (options.url.match(/\/api\/v1\/files\/(.+)\/preview/) || [])[1];
-    const file = vfsApi.get(fileId);
+  Mock.mock(/\/api\/v1\/files\/([^/]+)\/download$/, 'get', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/files\/([^/]+)\/download/) || [])[1];
+    const node = vfsApi.get(fileId);
 
-    if (!file || file.type !== 'file') {
-      return { success: false, code: 404, message: 'File not found' };
+    if (!node || node.type !== 'file') {
+      return {
+        success: false,
+        code: 404,
+        message: 'File not found',
+        data: null,
+      };
     }
-    
-    if (file.content) {
-      return base64ToBlob(file.content, file.mimeType || 'application/octet-stream');
+
+    addLog('file_download', { fileId: node.id, fileName: node.name });
+    return buildMockFileBlob(node);
+  });
+
+  Mock.mock(/\/api\/v1\/files\/([^/]+)\/preview$/, 'get', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/files\/([^/]+)\/preview/) || [])[1];
+    const node = vfsApi.get(fileId);
+
+    if (!node || node.type !== 'file') {
+      return {
+        success: false,
+        code: 404,
+        message: 'File not found',
+        data: null,
+      };
     }
 
-    const content = `Mock preview content for ${file.name}`;
-    const blob = new Blob([content], { type: 'text/plain' });
-    return blob;
+    return buildMockFileBlob(node);
   });
 
-  // Batch Download Files as Zip
-  Mock.mock(/\/api\/v1\/files\/batch-download/, 'post', async (options) => {
-    const { fileIds } = JSON.parse(options.body);
-    const zip = new JSZip();
+  Mock.mock(/\/api\/v1\/files\/([^/]+)\/thumbnail$/, 'get', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/files\/([^/]+)\/thumbnail/) || [])[1];
+    const node = vfsApi.get(fileId);
 
-    for (const fileId of fileIds) {
-      const file = vfsApi.get(fileId);
-      if (file && file.type === 'file') {
-        // In a real scenario, you'd fetch file content. Here, we generate it.
-        const fileContent = `Mock content for ${file.name}`;
-        zip.file(file.name, fileContent);
-      }
+    if (!node || node.type !== 'file') {
+      return {
+        success: false,
+        code: 404,
+        message: 'File not found',
+        data: null,
+      };
     }
 
-    const zipBlob = await zip.generateAsync({ type: 'blob' });
-    return zipBlob;
+    const svg = `<svg xmlns=\"http://www.w3.org/2000/svg\" width=\"200\" height=\"120\"><rect width=\"100%\" height=\"100%\" fill=\"#0f172a\"/><text x=\"50%\" y=\"50%\" dominant-baseline=\"middle\" text-anchor=\"middle\" fill=\"#e2e8f0\" font-size=\"12\">${node.name}</text></svg>`;
+    return new Blob([svg], { type: 'image/svg+xml' });
   });
 
-  // Move File
-  Mock.mock(/\/api\/v1\/files\/(.+)\/move/, 'patch', (options) => {
-    const fileId = (options.url.match(/\/api\/v1\/files\/(.+)\/move/) || [])[1];
-    const { targetFolderId } = JSON.parse(options.body);
-    const movedFile = vfsApi.move(fileId, targetFolderId);
-    return { success: true, code: 200, data: movedFile };
+  Mock.mock(/\/api\/v1\/files\/([^/]+)\/move$/, 'patch', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/files\/([^/]+)\/move/) || [])[1];
+    const { targetFolderId } = JSON.parse(options.body || '{}');
+
+    const moved = vfsApi.move(fileId, targetFolderId);
+    addLog('file_move', { fileId, targetFolderId });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        fileId: moved.id,
+        targetFolderId,
+        movedAt: moved.updatedAt,
+      },
+    };
   });
 
-  // Rename File
-  Mock.mock(/\/api\/v1\/files\/(?![^/]+\/(?:move|copy|download|preview|thumbnail)$)[^/]+$/, 'patch', (options) => {
-    const fileId = options.url.match(/\/api\/v1\/files\/(.+)/)![1];
-    const { fileName } = JSON.parse(options.body);
-    const updatedFile = vfsApi.rename(fileId, fileName);
-    return { success: true, code: 200, data: updatedFile };
+  Mock.mock(/\/api\/v1\/files\/([^/]+)\/copy$/, 'post', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/files\/([^/]+)\/copy/) || [])[1];
+    const { targetFolderId, newName } = JSON.parse(options.body || '{}');
+
+    const copied = vfsApi.copy(fileId, targetFolderId, newName);
+    addLog('file_copy', { fileId, targetFolderId, copiedFileId: copied.id });
+
+    return {
+      success: true,
+      code: 201,
+      data: {
+        fileId: copied.id,
+        originalFileId: fileId,
+        targetFolderId,
+        newName: copied.name,
+        copiedAt: copied.createdAt,
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/files\/([^/]+)\/star$/, 'patch', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/files\/([^/]+)\/star/) || [])[1];
+    const { isStarred } = JSON.parse(options.body || '{}');
+    const node = vfsApi.setStarred(fileId, Boolean(isStarred));
+
+    return {
+      success: true,
+      code: 200,
+      data: nodeToItem(node),
+    };
   });
 
-  // Delete File
-  Mock.mock(/\/api\/v1\/files\/(.+)/, 'delete', (options) => {
-    const fileId = (options.url.match(/\/api\/v1\/files\/(.+)/) || [])[1];
+  Mock.mock(/\/api\/v1\/files\/(?![^/]+\/(?:move|copy|download|preview|thumbnail|star)$)([^/?]+)$/, 'patch', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/files\/([^/?]+)/) || [])[1];
+    const { fileName } = JSON.parse(options.body || '{}');
+    const updated = vfsApi.rename(fileId, fileName);
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        ...nodeToItem(updated),
+        status: true,
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/files\/([^/]+)$/, 'delete', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/files\/([^/?]+)/) || [])[1];
+    const node = vfsApi.get(fileId);
+
+    if (!node || node.type !== 'file') {
+      return {
+        success: false,
+        code: 404,
+        message: 'File not found',
+        data: null,
+      };
+    }
+
     vfsApi.delete(fileId);
-    return { success: true, code: 200, data: { fileId, message: 'File moved to trash.' } };
+    addLog('file_delete', { fileId, fileName: node.name });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        fileId,
+        fileName: node.name,
+        deletedAt: new Date().toISOString(),
+      },
+    };
   });
 
-  // Batch Delete Files
-  Mock.mock(/\/api\/v1\/files\/batch/, 'post', (options) => {
-    const { action, fileIds, targetFolderId } = JSON.parse(options.body);
-    if (action === 'delete') {
-      fileIds.forEach((id: string) => vfsApi.delete(id));
-      return { success: true, code: 200, data: { successCount: fileIds.length } };
+  Mock.mock(/\/api\/v1\/files\/batch-download$/, 'post', async (options) => {
+    const { fileIds = [] } = JSON.parse(options.body || '{}');
+    const zip = new JSZip();
+
+    fileIds.forEach((fileId: string) => {
+      const node = vfsApi.get(fileId);
+      if (!node || node.type !== 'file' || node.isTrashed) return;
+      zip.file(node.name, `Mock content for ${node.name}`);
+    });
+
+    addLog('file_batch_download', { count: fileIds.length });
+    return zip.generateAsync({ type: 'blob' });
+  });
+
+  Mock.mock(/\/api\/v1\/files\/batch$/, 'post', (options) => {
+    const { action, fileIds = [], targetFolderId } = JSON.parse(options.body || '{}');
+
+    if (!Array.isArray(fileIds) || fileIds.length === 0) {
+      return {
+        success: false,
+        code: 400,
+        message: 'fileIds is required',
+        data: null,
+      };
     }
-    if (action === 'move') {
-      fileIds.forEach((id: string) => vfsApi.move(id, targetFolderId));
-      return { success: true, code: 200, data: { successCount: fileIds.length } };
+
+    let succeeded = 0;
+
+    if (action === 'delete') {
+      fileIds.forEach((id: string) => {
+        const node = vfsApi.get(id);
+        if (node) {
+          vfsApi.delete(id);
+          succeeded += 1;
+        }
+      });
+      addLog('file_batch_delete', { count: succeeded });
+      addNotification(`${succeeded} files moved to recycle bin`, true);
+    } else if (action === 'move') {
+      fileIds.forEach((id: string) => {
+        const node = vfsApi.get(id);
+        if (node) {
+          vfsApi.move(id, targetFolderId);
+          succeeded += 1;
+        }
+      });
+      addLog('file_batch_move', { count: succeeded, targetFolderId: targetFolderId || '' });
+    } else if (action === 'copy') {
+      fileIds.forEach((id: string) => {
+        const node = vfsApi.get(id);
+        if (node) {
+          vfsApi.copy(id, targetFolderId);
+          succeeded += 1;
+        }
+      });
+      addLog('file_batch_copy', { count: succeeded, targetFolderId: targetFolderId || '' });
+    } else {
+      return {
+        success: false,
+        code: 400,
+        message: 'Unsupported batch action',
+        data: null,
+      };
     }
-    return { success: false, code: 400, message: 'Action not mocked' };
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        processed: fileIds.length,
+        action,
+        succeeded,
+      },
+    };
   });
-}; 
\ No newline at end of file
+};
diff --git a/web/src/mock/handlers/folder.ts b/web/src/mock/handlers/folder.ts
index 3a942ae..3109fa8 100644
--- a/web/src/mock/handlers/folder.ts
+++ b/web/src/mock/handlers/folder.ts
@@ -1,112 +1,280 @@
 import Mock from 'mockjs';
-import { vfsApi } from '../vfs';
+import { addLog } from '../state';
+import { vfsApi, type VfsNode } from '../vfs';
+
+function parseUrl(url: string) {
+  return new URL(url, 'http://localhost');
+}
+
+function nodeToItem(node: VfsNode) {
+  if (node.type === 'folder') {
+    return {
+      itemType: 'folder' as const,
+      id: node.id,
+      name: node.name,
+      size: vfsApi.getFolderStats(node.id).totalSize,
+      ownerName: 'You',
+      updatedAt: node.updatedAt,
+      createdAt: node.createdAt,
+      parentFolderId: node.parent,
+      permission: node.permission || 'owner',
+      isStarred: node.isStarred || false,
+    };
+  }
+
+  return {
+    itemType: 'file' as const,
+    id: node.id,
+    name: node.name,
+    size: node.size || 0,
+    mimeType: node.mimeType || 'application/octet-stream',
+    ownerName: 'You',
+    updatedAt: node.updatedAt,
+    createdAt: node.createdAt,
+    folderId: node.parent || 'root',
+    permission: node.permission || 'owner',
+    isStarred: node.isStarred || false,
+  };
+}
+
+function sortItems(nodes: VfsNode[], sort: string | null, order: string | null) {
+  const sortField = sort || 'name';
+  const sortOrder = order === 'desc' ? -1 : 1;
+
+  return [...nodes].sort((a, b) => {
+    if (a.type === 'folder' && b.type === 'file') return -1;
+    if (a.type === 'file' && b.type === 'folder') return 1;
+
+    let value = 0;
+    if (sortField === 'size') {
+      value = (a.size || 0) - (b.size || 0);
+    } else if (sortField === 'updatedAt') {
+      value = new Date(a.updatedAt).getTime() - new Date(b.updatedAt).getTime();
+    } else if (sortField === 'createdAt') {
+      value = new Date(a.createdAt).getTime() - new Date(b.createdAt).getTime();
+    } else {
+      value = a.name.localeCompare(b.name, undefined, { sensitivity: 'base' });
+    }
+
+    return value * sortOrder;
+  });
+}
+
+function buildPagination(count: number) {
+  return {
+    totalItems: count,
+    totalPages: 1,
+    perPage: count,
+    currentPage: 1,
+    hasPrev: false,
+    hasNext: false,
+  };
+}
 
 export const setupFolderMocks = () => {
-  // Get Folder Contents
-  Mock.mock(/\/api\/v1\/folders\/([^\/]+)(?:\?.*)?$/, 'get', (options) => {
-    const match = options.url.match(/\/api\/v1\/folders\/([^\/]+)(?:\?.*)?$/);
-    const folderId = match ? match[1] : 'root';
-    console.log('🔍 Mock API: Getting contents for folder', folderId);
-    
-    const children = vfsApi.getChildren(folderId);
-    console.log('📁 Mock API: Found', children.length, 'children for folder', folderId);
-
-    // 检查VFS节点是否存在
-    const folderNode = vfsApi.get(folderId);
-    if (!folderNode) {
-      console.error('🚨 Mock API: Folder not found in VFS:', folderId);
+  Mock.mock(/\/api\/v1\/folders$/, 'get', (options) => {
+    const url = parseUrl(options.url);
+    const parentId = url.searchParams.get('parentId') || 'root';
+
+    const folders = vfsApi
+      .getChildren(parentId)
+      .filter((node) => node.type === 'folder')
+      .map(nodeToItem);
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        items: folders,
+        pagination: buildPagination(folders.length),
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/folders\/([^/]+)\/path$/, 'get', (options) => {
+    const folderId = (options.url.match(/\/api\/v1\/folders\/([^/]+)\/path/) || [])[1] || 'root';
+    const path = vfsApi.getPath(folderId);
+
+    if (!path.length) {
       return {
         success: false,
         code: 404,
-        message: `Folder ${folderId} not found`,
+        message: 'Folder not found',
         data: null,
       };
     }
 
-    // 简化API调试输出
-    const childIds = children.map(c => c.id);
-    const uniqueChildIds = new Set(childIds);
-    if (childIds.length !== uniqueChildIds.size) {
-      console.error('🚨 Mock API: VFS has duplicate children for folder', folderId);
-    }
+    const pathItems = path.map((node) => ({
+      folderId: node.id,
+      name: node.id === 'root' ? 'My Files' : node.name,
+    }));
 
-    const response = {
+    return {
       success: true,
       code: 200,
       data: {
-        items: children.map(c => ({...c, itemType: c.type, permission: c.permission || 'owner' })), // Ensure permission is passed
-        pagination: { totalItems: children.length, totalPages: 1, perPage: children.length, currentPage: 1 },
+        fullPath: pathItems.map((item) => item.name).join('/'),
+        pathItems,
       },
     };
-    
-    console.log('📤 Mock API: Returning response:', {
-      success: response.success,
-      itemCount: response.data.items.length,
-      firstItem: response.data.items[0]
-    });
-
-    return response;
   });
 
-  // Get Folder Path
-  Mock.mock(/\/api\/v1\/folders\/([^\/]+)\/path$/, 'get', (options) => {
-    const match = options.url.match(/\/api\/v1\/folders\/([^\/]+)\/path$/);
-    const folderId = match ? match[1] : 'root';
-    console.log('🔍 Mock API: Getting path for folder', folderId);
-    
-    const folderNode = vfsApi.get(folderId);
-    if (!folderNode) {
-      console.error('🚨 Mock API: Folder not found in VFS for path:', folderId);
+  Mock.mock(/\/api\/v1\/folders\/([^/]+)\/size$/, 'get', (options) => {
+    const folderId = (options.url.match(/\/api\/v1\/folders\/([^/]+)\/size/) || [])[1];
+
+    try {
+      const stats = vfsApi.getFolderStats(folderId);
+      return {
+        success: true,
+        code: 200,
+        data: stats,
+      };
+    } catch {
       return {
         success: false,
         code: 404,
-        message: `Folder ${folderId} not found`,
+        message: 'Folder not found',
         data: null,
       };
     }
-    
-    const path = vfsApi.getPath(folderId);
-    console.log('📤 Mock API: Returning path response:', {
+  });
+
+  Mock.mock(/\/api\/v1\/folders\/([^/]+)\/copy$/, 'post', (options) => {
+    const folderId = (options.url.match(/\/api\/v1\/folders\/([^/]+)\/copy/) || [])[1];
+    const { targetParentId, newName } = JSON.parse(options.body || '{}');
+
+    const copied = vfsApi.copy(folderId, targetParentId, newName);
+    addLog('folder_copy', { folderId, copiedFolderId: copied.id, targetParentId });
+
+    return {
       success: true,
-      pathCount: path.length,
-      pathItems: path.map(p => ({ folderId: p.id, name: p.name }))
-    });
-    
+      code: 201,
+      data: nodeToItem(copied),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/folders\/([^/]+)\/star$/, 'patch', (options) => {
+    const folderId = (options.url.match(/\/api\/v1\/folders\/([^/]+)\/star/) || [])[1];
+    const { isStarred } = JSON.parse(options.body || '{}');
+    const updated = vfsApi.setStarred(folderId, Boolean(isStarred));
+
+    return {
+      success: true,
+      code: 200,
+      data: nodeToItem(updated),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/folders\/([^/]+)(?:\?.*)?$/, 'get', (options) => {
+    const match = options.url.match(/\/api\/v1\/folders\/([^/?]+)/);
+    const folderId = match ? match[1] : 'root';
+    const url = parseUrl(options.url);
+
+    const search = url.searchParams.get('search');
+    const sort = url.searchParams.get('sort');
+    const order = url.searchParams.get('order');
+
+    const folder = vfsApi.get(folderId);
+    if (!folder || folder.type !== 'folder') {
+      return {
+        success: false,
+        code: 404,
+        message: 'Folder not found',
+        data: null,
+      };
+    }
+
+    const sourceItems = search ? vfsApi.search(folderId, search) : vfsApi.getChildren(folderId);
+    const sorted = sortItems(sourceItems, sort, order);
+    const items = sorted.map(nodeToItem);
+
     return {
       success: true,
       code: 200,
       data: {
-        pathItems: path.map(p => ({ folderId: p.id, name: p.name })),
+        items,
+        pagination: buildPagination(items.length),
       },
     };
   });
 
-  // Create Folder
-  Mock.mock(/\/api\/v1\/folders/, 'post', (options) => {
-    const { folderName, parentFolderId } = JSON.parse(options.body);
+  Mock.mock(/\/api\/v1\/folders$/, 'post', (options) => {
+    const { folderName, parentFolderId } = JSON.parse(options.body || '{}');
+
+    if (!folderName || !parentFolderId) {
+      return {
+        success: false,
+        code: 400,
+        message: 'folderName and parentFolderId are required',
+        data: null,
+      };
+    }
+
     const newFolder = vfsApi.createFolder(parentFolderId, folderName);
-    
+    addLog('folder_create', { folderId: newFolder.id, folderName });
+
     return {
       success: true,
       code: 201,
-      data: newFolder,
+      data: nodeToItem(newFolder),
     };
   });
 
-  // Delete Folder
-  Mock.mock(/\/api\/v1\/folders\/([^\/]+)$/, 'delete', (options) => {
-    const match = options.url.match(/\/api\/v1\/folders\/([^\/]+)$/);
-    const folderId = match ? match[1] : '';
-    vfsApi.delete(folderId);
-    return { success: true, code: 200, data: { folderId, message: 'Folder moved to trash.' } };
-  });
+  Mock.mock(/\/api\/v1\/folders\/([^/]+)\/move$/, 'patch', (options) => {
+    const folderId = (options.url.match(/\/api\/v1\/folders\/([^/]+)\/move/) || [])[1];
+    const { targetParentId } = JSON.parse(options.body || '{}');
 
-  // Move Folder
-  Mock.mock(/\/api\/v1\/folders\/([^\/]+)\/move$/, 'patch', (options) => {
-    const match = options.url.match(/\/api\/v1\/folders\/([^\/]+)\/move$/);
-    const folderId = match ? match[1] : '';
-    const { targetParentId } = JSON.parse(options.body);
     const movedFolder = vfsApi.move(folderId, targetParentId);
-    return { success: true, code: 200, data: movedFolder };
+    addLog('folder_move', { folderId, targetParentId });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        folderId: movedFolder.id,
+        targetParentId,
+        movedAt: movedFolder.updatedAt,
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/folders\/([^/]+)$/, 'patch', (options) => {
+    const folderId = (options.url.match(/\/api\/v1\/folders\/([^/?]+)/) || [])[1];
+    const { folderName } = JSON.parse(options.body || '{}');
+
+    const renamed = vfsApi.rename(folderId, folderName);
+
+    return {
+      success: true,
+      code: 200,
+      data: nodeToItem(renamed),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/folders\/([^/]+)$/, 'delete', (options) => {
+    const folderId = (options.url.match(/\/api\/v1\/folders\/([^/?]+)/) || [])[1];
+    const folder = vfsApi.get(folderId);
+
+    if (!folder || folder.type !== 'folder') {
+      return {
+        success: false,
+        code: 404,
+        message: 'Folder not found',
+        data: null,
+      };
+    }
+
+    vfsApi.delete(folderId);
+    addLog('folder_delete', { folderId, folderName: folder.name });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        folderId,
+        folderName: folder.name,
+        deletedAt: new Date().toISOString(),
+      },
+    };
   });
-}; 
\ No newline at end of file
+};
diff --git a/web/src/mock/handlers/log.ts b/web/src/mock/handlers/log.ts
new file mode 100644
index 0000000..25744e4
--- /dev/null
+++ b/web/src/mock/handlers/log.ts
@@ -0,0 +1,39 @@
+import Mock from 'mockjs';
+import { mockLogs } from '../state';
+
+export const setupLogMocks = () => {
+  Mock.mock(/\/api\/v1\/logs(?:\?.*)?$/, 'get', (options) => {
+    const url = new URL(options.url, 'http://localhost');
+    const page = Number(url.searchParams.get('page') || 1);
+    const perPage = Number(url.searchParams.get('perPage') || 20);
+    const operation = url.searchParams.get('operation');
+    const startDate = url.searchParams.get('startDate');
+    const endDate = url.searchParams.get('endDate');
+
+    const filtered = mockLogs.filter((item) => {
+      if (operation && item.operation !== operation) return false;
+      if (startDate && new Date(item.performedAt).getTime() < new Date(startDate).getTime()) return false;
+      if (endDate && new Date(item.performedAt).getTime() > new Date(endDate).getTime()) return false;
+      return true;
+    });
+
+    const start = (Math.max(page, 1) - 1) * Math.max(perPage, 1);
+    const sliced = filtered.slice(start, start + Math.max(perPage, 1));
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        logs: sliced,
+        totalCount: filtered.length,
+        returnedCount: sliced.length,
+        hasMore: start + sliced.length < filtered.length,
+        filterSummary: {
+          operation: operation || undefined,
+          dateRange: startDate || endDate ? `${startDate || '-'} ~ ${endDate || '-'}` : undefined,
+          matchedRecords: filtered.length,
+        },
+      },
+    };
+  });
+};
diff --git a/web/src/mock/handlers/notification.ts b/web/src/mock/handlers/notification.ts
new file mode 100644
index 0000000..bbbba62
--- /dev/null
+++ b/web/src/mock/handlers/notification.ts
@@ -0,0 +1,116 @@
+import Mock from 'mockjs';
+import { addNotification, mockNotifications, paginate } from '../state';
+
+export const setupNotificationMocks = () => {
+  Mock.mock(/\/api\/v1\/notifications(?:\?.*)?$/, 'get', (options) => {
+    const url = new URL(options.url, 'http://localhost');
+    const page = Number(url.searchParams.get('page') || 1);
+    const perPage = Number(url.searchParams.get('perPage') || 20);
+    const isReadText = url.searchParams.get('isRead');
+
+    const filtered = mockNotifications.filter((item) => {
+      if (isReadText === null || isReadText === '') return true;
+      return item.isRead === (isReadText === 'true');
+    });
+
+    const paged = paginate(filtered, page, perPage);
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        ...paged,
+        unreadCount: mockNotifications.filter((item) => !item.isRead).length,
+        totalCount: mockNotifications.length,
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/notifications\/read-all$/, 'put', () => {
+    let updatedCount = 0;
+    mockNotifications.forEach((item) => {
+      if (!item.isRead) {
+        item.isRead = true;
+        updatedCount += 1;
+      }
+    });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        updatedCount,
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/notifications\/broadcast$/, 'post', (options) => {
+    const { message } = JSON.parse(options.body || '{}');
+
+    if (!message) {
+      return {
+        success: false,
+        code: 400,
+        message: 'message is required',
+        data: null,
+      };
+    }
+
+    const created = addNotification(message, false);
+
+    return {
+      success: true,
+      code: 201,
+      data: created,
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/notifications\/([^/]+)\/read$/, 'put', (options) => {
+    const notificationId = Number((options.url.match(/\/api\/v1\/notifications\/([^/]+)\/read/) || [])[1]);
+    const target = mockNotifications.find((item) => item.id === notificationId);
+
+    if (!target) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Notification not found',
+        data: null,
+      };
+    }
+
+    target.isRead = true;
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        notificationId: target.id,
+        updatedAt: new Date().toISOString(),
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/notifications\/([^/]+)$/, 'delete', (options) => {
+    const notificationId = Number((options.url.match(/\/api\/v1\/notifications\/([^/?]+)/) || [])[1]);
+    const index = mockNotifications.findIndex((item) => item.id === notificationId);
+
+    if (index === -1) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Notification not found',
+        data: null,
+      };
+    }
+
+    mockNotifications.splice(index, 1);
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        notificationId,
+      },
+    };
+  });
+};
diff --git a/web/src/mock/handlers/permission.ts b/web/src/mock/handlers/permission.ts
new file mode 100644
index 0000000..baedcf7
--- /dev/null
+++ b/web/src/mock/handlers/permission.ts
@@ -0,0 +1,142 @@
+import Mock from 'mockjs';
+import { createMockId, mockPermissions, mockUsers, paginate } from '../state';
+
+const mockGroups = [
+  { id: 'group1', name: 'Developers' },
+  { id: 'group2', name: 'Designers' },
+  { id: 'group3', name: 'Operations' },
+];
+
+export const setupPermissionMocks = () => {
+  Mock.mock(/\/api\/v1\/permissions(?:\?.*)?$/, 'get', (options) => {
+    const url = new URL(options.url, 'http://localhost');
+    const fileId = url.searchParams.get('fileId');
+    const folderId = url.searchParams.get('folderId');
+    const page = Number(url.searchParams.get('page') || 1);
+    const perPage = Number(url.searchParams.get('perPage') || 20);
+
+    const filtered = mockPermissions.filter((permission) => {
+      if (fileId) return permission.itemType === 'file' && permission.itemId === fileId;
+      if (folderId) return permission.itemType === 'folder' && permission.itemId === folderId;
+      return true;
+    });
+
+    return {
+      success: true,
+      code: 200,
+      data: paginate(filtered, page, perPage),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/permissions$/, 'post', (options) => {
+    const payload = JSON.parse(options.body || '{}');
+    const { fileId, folderId, userId, groupId, permission } = payload;
+
+    const itemType = fileId ? 'file' : folderId ? 'folder' : null;
+    const itemId = fileId || folderId;
+
+    if (!itemType || !itemId || !permission) {
+      return {
+        success: false,
+        code: 400,
+        message: 'Invalid permission payload',
+        data: null,
+      };
+    }
+
+    let grantedTo: { type: 'user' | 'group'; id: string; name: string } | null = null;
+
+    if (userId) {
+      const user = mockUsers.find((entry) => entry.userId === userId);
+      grantedTo = {
+        type: 'user',
+        id: userId,
+        name: user?.username || `User ${userId}`,
+      };
+    }
+
+    if (groupId) {
+      const group = mockGroups.find((entry) => entry.id === groupId);
+      grantedTo = {
+        type: 'group',
+        id: groupId,
+        name: group?.name || `Group ${groupId}`,
+      };
+    }
+
+    if (!grantedTo) {
+      return {
+        success: false,
+        code: 400,
+        message: 'Either userId or groupId is required',
+        data: null,
+      };
+    }
+
+    const created = {
+      permissionId: createMockId('perm'),
+      itemType,
+      itemId,
+      grantedTo,
+      permission,
+      createdAt: new Date().toISOString(),
+    };
+
+    mockPermissions.unshift(created as any);
+
+    return {
+      success: true,
+      code: 201,
+      data: created,
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/permissions\/([^/]+)$/, 'put', (options) => {
+    const permissionId = (options.url.match(/\/api\/v1\/permissions\/([^/?]+)/) || [])[1];
+    const { permission } = JSON.parse(options.body || '{}');
+
+    const target = mockPermissions.find((item) => item.permissionId === permissionId);
+    if (!target) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Permission not found',
+        data: null,
+      };
+    }
+
+    target.permission = permission;
+
+    return {
+      success: true,
+      code: 200,
+      data: target,
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/permissions\/([^/]+)$/, 'delete', (options) => {
+    const permissionId = (options.url.match(/\/api\/v1\/permissions\/([^/?]+)/) || [])[1];
+    const index = mockPermissions.findIndex((item) => item.permissionId === permissionId);
+
+    if (index === -1) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Permission not found',
+        data: null,
+      };
+    }
+
+    const removed = mockPermissions.splice(index, 1)[0];
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        permissionId: removed.permissionId,
+        revokedPermission: removed.permission,
+        deletedAt: new Date().toISOString(),
+      },
+    };
+  });
+};
diff --git a/web/src/mock/handlers/recycle.ts b/web/src/mock/handlers/recycle.ts
index 854c19b..440d932 100644
--- a/web/src/mock/handlers/recycle.ts
+++ b/web/src/mock/handlers/recycle.ts
@@ -1,81 +1,133 @@
 import Mock from 'mockjs';
-import { vfsApi } from '../vfs';
 import type { RecycleBinItem } from '../../types/file';
+import { addLog } from '../state';
+import { vfsApi } from '../vfs';
+
+function buildPagination(count: number) {
+  return {
+    totalItems: count,
+    totalPages: 1,
+    perPage: count,
+    currentPage: 1,
+    hasPrev: false,
+    hasNext: false,
+  };
+}
 
 export const setupRecycleMocks = () => {
-  // Get Recycle Bin Contents
-  Mock.mock(/\/api\/v1\/recycle-bin/, 'get', () => {
-    const allItems = vfsApi.getAll();
-    const trashedItems: RecycleBinItem[] = Object.values(allItems)
-      .filter(item => item.isTrashed)
-      .map(item => {
-        const path = vfsApi.getPath(item.id);
-        const originalPath = path.slice(0, -1).map(p => p.name).join('/');
+  Mock.mock(/\/api\/v1\/recycle-bin$/, 'get', () => {
+    const all = Object.values(vfsApi.getAll());
 
-        const daysUntilPermanentDelete = 30 - Math.floor((Date.now() - new Date(item.deletedAt!).getTime()) / (1000 * 60 * 60 * 24));
+    const trashedItems: RecycleBinItem[] = all
+      .filter((node) => node.isTrashed)
+      .map((node) => {
+        const path = vfsApi.getPath(node.id);
+        const originalPath = path.slice(0, -1).map((item) => item.name).join('/') || 'My Files';
+        const deletedAt = node.deletedAt || new Date().toISOString();
+        const expireAt = new Date(new Date(deletedAt).getTime() + 30 * 24 * 60 * 60 * 1000);
+        const daysUntilPermanentDelete = Math.max(
+          0,
+          Math.ceil((expireAt.getTime() - Date.now()) / (24 * 60 * 60 * 1000)),
+        );
 
         return {
-          itemType: item.type,
-          id: item.id,
-          name: item.name,
-          originalPath: originalPath || 'My Files',
-          size: item.size || 0,
-          mimeType: item.mimeType,
-          deletedAt: item.deletedAt!,
-          autoDeleteAt: new Date(new Date(item.deletedAt!).getTime() + 30 * 24 * 60 * 60 * 1000).toISOString(),
-          daysUntilPermanentDelete: daysUntilPermanentDelete > 0 ? daysUntilPermanentDelete : 0,
-          canRestore: true, // Mock logic, always true for now
-          restoreConflicts: false, // Mock logic, always false for now
+          itemType: node.type,
+          id: node.id,
+          name: node.name,
+          originalPath,
+          size: node.size || 0,
+          mimeType: node.mimeType,
+          deletedAt,
+          autoDeleteAt: expireAt.toISOString(),
+          daysUntilPermanentDelete,
+          canRestore: true,
+          restoreConflicts: false,
         };
-      });
+      })
+      .sort((a, b) => new Date(b.deletedAt).getTime() - new Date(a.deletedAt).getTime());
 
     return {
       success: true,
       code: 200,
       data: {
-        items: trashedItems.sort((a, b) => new Date(b.deletedAt).getTime() - new Date(a.deletedAt).getTime()),
-        pagination: { totalItems: trashedItems.length, totalPages: 1, perPage: trashedItems.length, currentPage: 1 },
+        items: trashedItems,
+        pagination: buildPagination(trashedItems.length),
       },
     };
   });
 
-  // Restore Item
-  Mock.mock(/\/api\/v1\/recycle-bin\/(.+)\/restore/, 'post', (options) => {
-    const itemId = (options.url.match(/\/api\/v1\/recycle-bin\/(.+)\/restore/) || [])[1];
+  Mock.mock(/\/api\/v1\/recycle-bin\/([^/]+)\/restore$/, 'post', (options) => {
+    const itemId = (options.url.match(/\/api\/v1\/recycle-bin\/([^/]+)\/restore/) || [])[1];
+    const node = vfsApi.get(itemId);
+
+    if (!node) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Item not found',
+        data: null,
+      };
+    }
+
     vfsApi.restore(itemId);
-    const restoredItem = vfsApi.get(itemId);
+    addLog('recycle_restore', { itemId, itemName: node.name });
+
     return {
       success: true,
       code: 200,
-      message: 'Item restored successfully.',
+      message: 'Item restored successfully',
       data: {
-        itemType: restoredItem?.type,
-        id: restoredItem?.id,
-        name: restoredItem?.name,
-        restoredTo: restoredItem?.parent,
+        itemType: node.type,
+        id: node.id,
+        name: node.name,
+        restoredTo: node.parent,
         restoredAt: new Date().toISOString(),
       },
     };
   });
 
-  // Permanent Delete
-  Mock.mock(/\/api\/v1\/recycle-bin\/(.+)/, 'delete', (options) => {
-    const itemId = (options.url.match(/\/api\/v1\/recycle-bin\/(.+)/) || [])[1];
-    const item = vfsApi.get(itemId);
-    if (!item) {
-        return { success: false, code: 404, message: 'Item not found.' };
+  Mock.mock(/\/api\/v1\/recycle-bin\/([^/]+)$/, 'delete', (options) => {
+    const itemId = (options.url.match(/\/api\/v1\/recycle-bin\/([^/?]+)/) || [])[1];
+    const node = vfsApi.get(itemId);
+
+    if (!node) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Item not found',
+        data: null,
+      };
     }
+
     vfsApi.permanentDelete(itemId);
+    addLog('recycle_permanent_delete', { itemId, itemName: node.name });
+
     return {
-        success: true,
-        code: 200,
-        message: 'Item permanently deleted.',
-        data: {
-            itemType: item.type,
-            id: item.id,
-            name: item.name,
-            permanentlyDeletedAt: new Date().toISOString(),
-        },
+      success: true,
+      code: 200,
+      message: 'Item permanently deleted',
+      data: {
+        itemType: node.type,
+        id: node.id,
+        name: node.name,
+        permanentlyDeletedAt: new Date().toISOString(),
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/recycle-bin$/, 'delete', () => {
+    const result = vfsApi.clearRecycleBin();
+    addLog('recycle_clear', { filesDeleted: result.filesDeleted, foldersDeleted: result.foldersDeleted });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        filesDeleted: result.filesDeleted,
+        foldersDeleted: result.foldersDeleted,
+        totalStorageFreed: result.totalStorageFreed,
+        cleanupCompletedAt: new Date().toISOString(),
+      },
     };
   });
-}; 
\ No newline at end of file
+};
diff --git a/web/src/mock/handlers/share.ts b/web/src/mock/handlers/share.ts
index 515ccc2..74f18a2 100644
--- a/web/src/mock/handlers/share.ts
+++ b/web/src/mock/handlers/share.ts
@@ -1,48 +1,220 @@
 import Mock from 'mockjs';
+import { addLog, createMockId, mockSharedItems, mockShares, paginate } from '../state';
+import { vfsApi } from '../vfs';
 
-const sharedItems = [
-  {
-    itemType: 'file',
-    id: 'shared_file_1',
-    name: 'Q3 Financial Report.xlsx',
-    size: 1572864,
-    mimeType: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
-    sharedBy: 'Alice',
-    permission: 'write',
-    sharedAt: new Date(Date.now() - 86400000).toISOString(), // 1 day ago
-  },
-  {
-    itemType: 'folder',
-    id: 'shared_folder_1',
-    name: 'Project Phoenix Assets',
-    size: 268435456,
-    sharedBy: 'Bob',
-    permission: 'read',
-    sharedAt: new Date(Date.now() - 172800000).toISOString(), // 2 days ago
-  },
-  {
-    itemType: 'file',
-    id: 'shared_file_2',
-    name: 'Design Mockups.fig',
-    size: 25165824,
-    mimeType: 'application/figma',
-    sharedBy: 'Charlie',
-    permission: 'read',
-    sharedAt: new Date(Date.now() - 259200000).toISOString(), // 3 days ago
-  },
-];
+function sortSharedItems<T extends { [key: string]: any }>(items: T[], sort: string | null, order: string | null) {
+  const sortField = sort || 'sharedAt';
+  const direction = order === 'asc' ? 1 : -1;
+
+  return [...items].sort((a, b) => {
+    const av = a[sortField];
+    const bv = b[sortField];
+
+    if (typeof av === 'number' && typeof bv === 'number') {
+      return (av - bv) * direction;
+    }
+
+    return String(av || '').localeCompare(String(bv || ''), undefined, { sensitivity: 'base' }) * direction;
+  });
+}
 
 export const setupShareMocks = () => {
-  // Get Shared Items
-  Mock.mock(/\/api\/v1\/shared-items/, 'get', (options) => {
-    // Basic mock, no sorting/paging for now
+  Mock.mock(/\/api\/v1\/shares$/, 'post', (options) => {
+    const { resourceType, resourceId } = JSON.parse(options.body || '{}');
+    const resource = vfsApi.get(resourceId);
+
+    if (!resource || resource.type !== resourceType) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Resource not found',
+        data: null,
+      };
+    }
+
+    const shareLink = Mock.Random.string('upper', 6);
+    const share = {
+      shareId: createMockId('share'),
+      shareLink,
+      ownerUserId: 'user1',
+      itemType: resourceType,
+      itemInfo: {
+        id: resource.id,
+        name: resource.name,
+        size: resource.type === 'folder' ? vfsApi.getFolderStats(resource.id).totalSize : resource.size || 0,
+        mimeType: resource.mimeType || (resource.type === 'folder' ? 'inode/directory' : 'application/octet-stream'),
+        folderPath: vfsApi
+          .getPath(resource.id)
+          .slice(0, -1)
+          .map((node) => node.name)
+          .join('/'),
+      },
+      settings: {
+        passwordProtected: false,
+        expireAt: null,
+        allowDownload: true,
+        allowPreview: true,
+      },
+      createdAt: new Date().toISOString(),
+      visitCount: 0,
+      downloadCount: 0,
+    };
+
+    mockShares.unshift(share);
+    addLog('file_share', { resourceId, shareId: share.shareId, shareLink });
+
+    return {
+      success: true,
+      code: 201,
+      data: share,
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/shares(?:\?.*)?$/, 'get', (options) => {
+    const url = new URL(options.url, 'http://localhost');
+    const page = Number(url.searchParams.get('page') || 1);
+    const perPage = Number(url.searchParams.get('perPage') || 20);
+
+    return {
+      success: true,
+      code: 200,
+      data: paginate(mockShares, page, perPage),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/shares\/([^/]+)$/, 'get', (options) => {
+    const shareLink = (options.url.match(/\/api\/v1\/shares\/([^/?]+)/) || [])[1];
+    const share = mockShares.find((item) => item.shareLink === shareLink || item.shareId === shareLink);
+
+    if (!share) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Share not found',
+        data: null,
+      };
+    }
+
+    return {
+      success: true,
+      code: 200,
+      data: share,
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/shares\/([^/]+)\/access$/, 'post', (options) => {
+    const shareLink = (options.url.match(/\/api\/v1\/shares\/([^/]+)\/access/) || [])[1];
+    const { password } = JSON.parse(options.body || '{}');
+    const share = mockShares.find((item) => item.shareLink === shareLink || item.shareId === shareLink);
+
+    if (!share) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Share not found',
+        data: null,
+      };
+    }
+
+    if (share.settings.passwordProtected && password !== '123456') {
+      return {
+        success: false,
+        code: 403,
+        message: 'Invalid share password',
+        data: null,
+      };
+    }
+
+    share.visitCount = (share.visitCount || 0) + 1;
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        accessToken: createMockId('access'),
+        expiresIn: 1800,
+        itemType: share.itemType,
+        itemInfo: share.itemInfo,
+        accessUrls: {
+          download: `/api/v1/files/${share.itemInfo.id}/download`,
+          preview: `/api/v1/files/${share.itemInfo.id}/preview`,
+        },
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/shares\/([^/]+)$/, 'delete', (options) => {
+    const shareLink = (options.url.match(/\/api\/v1\/shares\/([^/?]+)/) || [])[1];
+    const index = mockShares.findIndex((item) => item.shareLink === shareLink || item.shareId === shareLink);
+
+    if (index === -1) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Share not found',
+        data: null,
+      };
+    }
+
+    const removed = mockShares.splice(index, 1)[0];
+    addLog('share_delete', { shareId: removed.shareId, shareLink: removed.shareLink });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        shareId: removed.shareId,
+        shareLink: removed.shareLink,
+        deletedAt: new Date().toISOString(),
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/shared-items(?:\?.*)?$/, 'get', (options) => {
+    const url = new URL(options.url, 'http://localhost');
+    const page = Number(url.searchParams.get('page') || 1);
+    const perPage = Number(url.searchParams.get('perPage') || 20);
+    const sort = url.searchParams.get('sort');
+    const order = url.searchParams.get('order');
+
+    const sorted = sortSharedItems(mockSharedItems, sort, order);
+
+    return {
+      success: true,
+      code: 200,
+      data: paginate(sorted, page, perPage),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/shared-items\/([^/]+)\/accept$/, 'post', (options) => {
+    const itemId = (options.url.match(/\/api\/v1\/shared-items\/([^/]+)\/accept/) || [])[1];
+    const item = mockSharedItems.find((entry) => entry.id === itemId);
+
+    if (!item) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Shared item not found',
+        data: null,
+      };
+    }
+
+    if (item.itemType === 'folder') {
+      vfsApi.createFolder('root', `${item.name} (Shared)`);
+    } else {
+      vfsApi.createFile('root', `${item.name}`, item.size, item.mimeType || 'application/octet-stream');
+    }
+
+    addLog('shared_item_accept', { itemId, itemName: item.name });
+
     return {
       success: true,
       code: 200,
       data: {
-        items: sharedItems,
-        pagination: { totalItems: sharedItems.length, totalPages: 1, perPage: sharedItems.length, currentPage: 1 },
+        accepted: true,
+        acceptedAt: new Date().toISOString(),
+        itemId,
       },
     };
   });
-}; 
\ No newline at end of file
+};
diff --git a/web/src/mock/handlers/storage.ts b/web/src/mock/handlers/storage.ts
new file mode 100644
index 0000000..b8b9317
--- /dev/null
+++ b/web/src/mock/handlers/storage.ts
@@ -0,0 +1,127 @@
+import Mock from 'mockjs';
+import { mockUsers } from '../state';
+import { vfsApi } from '../vfs';
+
+function computeStorageStats() {
+  const nodes = Object.values(vfsApi.getAll()).filter((node) => !node.isTrashed);
+  const files = nodes.filter((node) => node.type === 'file');
+  const folders = nodes.filter((node) => node.type === 'folder' && node.id !== 'root');
+
+  const storageUsed = files.reduce((sum, node) => sum + (node.size || 0), 0);
+  const storageLimit = mockUsers[0]?.storageLimit || 100 * 1024 * 1024 * 1024;
+
+  const bucket = {
+    documents: { size: 0, count: 0 },
+    images: { size: 0, count: 0 },
+    videos: { size: 0, count: 0 },
+    audio: { size: 0, count: 0 },
+    archives: { size: 0, count: 0 },
+    others: { size: 0, count: 0 },
+  };
+
+  files.forEach((file) => {
+    const size = file.size || 0;
+    const mime = file.mimeType || '';
+
+    if (mime.startsWith('image/')) {
+      bucket.images.size += size;
+      bucket.images.count += 1;
+    } else if (mime.startsWith('video/')) {
+      bucket.videos.size += size;
+      bucket.videos.count += 1;
+    } else if (mime.startsWith('audio/')) {
+      bucket.audio.size += size;
+      bucket.audio.count += 1;
+    } else if (mime.includes('zip') || mime.includes('compressed')) {
+      bucket.archives.size += size;
+      bucket.archives.count += 1;
+    } else if (mime.includes('pdf') || mime.includes('sheet') || mime.includes('word') || mime.startsWith('text/')) {
+      bucket.documents.size += size;
+      bucket.documents.count += 1;
+    } else {
+      bucket.others.size += size;
+      bucket.others.count += 1;
+    }
+  });
+
+  return {
+    storage_limit: storageLimit,
+    storage_used: storageUsed,
+    storage_available: Math.max(storageLimit - storageUsed, 0),
+    storage_percentage: Number(((storageUsed / storageLimit) * 100).toFixed(2)),
+    file_count: files.length,
+    folder_count: folders.length,
+    breakdown: bucket,
+  };
+}
+
+export const setupStorageMocks = () => {
+  Mock.mock(/\/api\/v1\/storage\/statistics$/, 'get', () => {
+    return {
+      success: true,
+      code: 200,
+      data: computeStorageStats(),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/storage\/summary$/, 'get', () => {
+    return {
+      success: true,
+      code: 200,
+      data: computeStorageStats(),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/storage\/usage-trend(?:\?.*)?$/, 'get', (options) => {
+    const url = new URL(options.url, 'http://localhost');
+    const days = Math.min(Number(url.searchParams.get('days') || 7), 30);
+    const currentUsed = computeStorageStats().storage_used;
+
+    const trends = Array.from({ length: days }).map((_, index) => {
+      const dayIndex = days - index - 1;
+      const date = new Date(Date.now() - dayIndex * 24 * 60 * 60 * 1000);
+      const dailyUsed = Math.max(currentUsed - dayIndex * 12000000 + Mock.Random.integer(-4000000, 4000000), 0);
+
+      return {
+        date: date.toISOString().split('T')[0],
+        used: dailyUsed,
+      };
+    });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        trends,
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/admin\/storage\/users$/, 'get', () => {
+    const items = mockUsers.map((user) => ({
+      userId: user.userId,
+      username: user.username,
+      email: user.email,
+      storageUsed: user.storageUsed,
+      storageLimit: user.storageLimit,
+      usagePercentage: Number(((user.storageUsed / user.storageLimit) * 100).toFixed(2)),
+      status: user.status,
+    }));
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        items,
+        pagination: {
+          totalItems: items.length,
+          totalPages: 1,
+          perPage: items.length,
+          currentPage: 1,
+          hasPrev: false,
+          hasNext: false,
+        },
+      },
+    };
+  });
+};
diff --git a/web/src/mock/handlers/upload.ts b/web/src/mock/handlers/upload.ts
index ebac779..1ca5a12 100644
--- a/web/src/mock/handlers/upload.ts
+++ b/web/src/mock/handlers/upload.ts
@@ -1,80 +1,206 @@
 import Mock from 'mockjs';
+import { addLog, addNotification } from '../state';
 import { vfsApi } from '../vfs';
-import { arrayBufferToBase64, fileToArrayBuffer } from '../../utils/hash';
+import { arrayBufferToBase64 } from '../../utils/hash';
 
-export const setupUploadMocks = () => {
-  // Store chunks temporarily. In a real scenario, this would be on a server.
-  const chunkStorage = new Map<string, Map<number, File>>();
+type UploadSession = {
+  uploadId: string;
+  fileHash: string;
+  fileName: string;
+  fileSize: number;
+  mimeType: string;
+  parentId: string;
+  chunkSize: number;
+  chunks: Map<number, Blob>;
+  uploadedChunkIndexes: Set<number>;
+  createdAt: string;
+};
+
+const sessions = new Map<string, UploadSession>();
+const hashToSessionId = new Map<string, string>();
 
-  // Preflight Upload
+function findCompletedFileByHash(fileHash: string) {
+  return Object.values(vfsApi.getAll()).find(
+    (node) => node.type === 'file' && !node.isTrashed && node.hash === fileHash,
+  );
+}
+
+export const setupUploadMocks = () => {
   Mock.mock(/\/api\/v1\/uploads\/preflight/, 'post', (options) => {
+    const payload = JSON.parse(options.body || '{}');
+    const { fileHash, fileName, fileSize, mimeType, parentId } = payload;
+
+    if (!fileHash || !fileName || !fileSize || !parentId) {
+      return {
+        success: false,
+        code: 400,
+        message: 'fileHash, fileName, fileSize and parentId are required',
+        data: null,
+      };
+    }
+
+    const existingFile = findCompletedFileByHash(fileHash);
+    if (existingFile) {
+      return {
+        success: true,
+        code: 200,
+        message: 'File already exists',
+        data: {
+          status: 'COMPLETE',
+          fileId: existingFile.id,
+        },
+      };
+    }
+
+    const existingSessionId = hashToSessionId.get(fileHash);
+    if (existingSessionId && sessions.has(existingSessionId)) {
+      const session = sessions.get(existingSessionId)!;
+      return {
+        success: true,
+        code: 200,
+        message: 'Resume upload session',
+        data: {
+          status: 'UPLOADING',
+          uploadId: session.uploadId,
+          chunkSize: session.chunkSize,
+          uploadedChunkIndexes: [...session.uploadedChunkIndexes].sort((a, b) => a - b),
+        },
+      };
+    }
+
     const uploadId = Mock.Random.guid();
-    chunkStorage.set(uploadId, new Map());
+    const chunkSize = 5 * 1024 * 1024;
+    const newSession: UploadSession = {
+      uploadId,
+      fileHash,
+      fileName,
+      fileSize,
+      mimeType: mimeType || 'application/octet-stream',
+      parentId,
+      chunkSize,
+      chunks: new Map(),
+      uploadedChunkIndexes: new Set(),
+      createdAt: new Date().toISOString(),
+    };
+
+    sessions.set(uploadId, newSession);
+    hashToSessionId.set(fileHash, uploadId);
+
     return {
-      success: true, code: 200, message: 'Ready for upload.',
+      success: true,
+      code: 200,
+      message: 'Ready for upload',
       data: {
         status: 'UPLOADING',
-        uploadId: uploadId,
-        chunkSize: 5 * 1024 * 1024, // 5MB chunks
+        uploadId,
+        chunkSize,
         uploadedChunkIndexes: [],
-      }
+      },
     };
   });
 
-  // Upload Chunk
-  Mock.mock(/\/api\/v1\/uploads\/(.+)\/chunk/, 'post', (options) => {
-    const uploadId = (options.url.match(/\/api\/v1\/uploads\/(.+)\/chunk/) || [])[1];
-    const formData = options.body as FormData; // Mockjs passes FormData directly
-    const chunk = formData.get('chunk') as File;
-    const chunkIndex = parseInt(formData.get('chunkIndex') as string, 10);
-    
-    if (chunkStorage.has(uploadId)) {
-      chunkStorage.get(uploadId)!.set(chunkIndex, chunk);
-      return { success: true, code: 200, message: `Chunk ${chunkIndex} uploaded for ${uploadId}.`};
-    } else {
-      return { success: false, code: 404, message: 'Upload ID not found.' };
+  Mock.mock(/\/api\/v1\/uploads\/([^/]+)\/chunk$/, 'post', (options) => {
+    const uploadId = (options.url.match(/\/api\/v1\/uploads\/([^/]+)\/chunk/) || [])[1];
+    const session = sessions.get(uploadId);
+
+    if (!session) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Upload session not found',
+        data: null,
+      };
     }
+
+    const formData = options.body as FormData;
+    const chunk = formData.get('chunk') as Blob | null;
+    const chunkIndexText = formData.get('chunkIndex') as string | null;
+    const chunkIndex = Number(chunkIndexText);
+
+    if (!chunk || Number.isNaN(chunkIndex)) {
+      return {
+        success: false,
+        code: 400,
+        message: 'Invalid chunk payload',
+        data: null,
+      };
+    }
+
+    session.chunks.set(chunkIndex, chunk);
+    session.uploadedChunkIndexes.add(chunkIndex);
+
+    return {
+      success: true,
+      code: 200,
+      message: `Chunk ${chunkIndex} uploaded`,
+      data: null,
+    };
   });
 
-  // Merge Chunks
-  Mock.mock(/\/api\/v1\/uploads\/(.+)\/merge/, 'post', (options) => {
-    const uploadId = (options.url.match(/\/api\/v1\/uploads\/(.+)\/merge/) || [])[1];
-    const { fileName, parentId, mimeType } = JSON.parse(options.body);
+  Mock.mock(/\/api\/v1\/uploads\/([^/]+)\/merge$/, 'post', async (options) => {
+    const uploadId = (options.url.match(/\/api\/v1\/uploads\/([^/]+)\/merge/) || [])[1];
+    const session = sessions.get(uploadId);
 
-    if (!chunkStorage.has(uploadId)) {
-      return { success: false, code: 404, message: 'Upload ID not found.' };
+    if (!session) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Upload session not found',
+        data: null,
+      };
     }
 
-    const chunksMap = chunkStorage.get(uploadId)!;
-    const sortedChunks = Array.from(chunksMap.keys()).sort((a, b) => a - b).map(key => chunksMap.get(key)!);
-    
-    if (sortedChunks.length === 0) {
-       return { success: false, code: 400, message: 'No chunks found for this upload.' };
+    const sortedIndexes = [...session.uploadedChunkIndexes].sort((a, b) => a - b);
+    const sortedChunks = sortedIndexes.map((index) => session.chunks.get(index)).filter(Boolean) as Blob[];
+
+    if (!sortedChunks.length) {
+      return {
+        success: false,
+        code: 400,
+        message: 'No uploaded chunks found',
+        data: null,
+      };
     }
 
-    const completeFileBlob = new Blob(sortedChunks);
-    
-    const newFileVfsNode = vfsApi.createFile(parentId, fileName, completeFileBlob.size, mimeType || 'application/octet-stream');
-    
-    chunkStorage.delete(uploadId); // Clean up after merge
-
-    // The mock must return a response that matches the `MergeChunksResponse` type definition
-    const responseData = {
-      fileId: newFileVfsNode.id,
-      fileName: newFileVfsNode.name,
-      fileSize: newFileVfsNode.size || 0,
-      mimeType: newFileVfsNode.mimeType || 'application/octet-stream',
-      folderId: newFileVfsNode.parent || 'root',
-      objectHash: `mock-hash-${newFileVfsNode.id}`,
-      createdAt: newFileVfsNode.createdAt,
-      downloadUrl: `/api/v1/files/${newFileVfsNode.id}/download`,
-    };
+    const mergedBlob = new Blob(sortedChunks, { type: session.mimeType });
+    const buffer = await mergedBlob.arrayBuffer();
+    const base64Content = arrayBufferToBase64(buffer);
+
+    const created = vfsApi.createFile(
+      session.parentId,
+      session.fileName,
+      mergedBlob.size,
+      session.mimeType,
+      base64Content,
+    );
+
+    const node = vfsApi.get(created.id);
+    if (node) {
+      node.hash = session.fileHash;
+      node.virusStatus = 'clean';
+      node.updatedAt = new Date().toISOString();
+    }
+
+    sessions.delete(uploadId);
+    hashToSessionId.delete(session.fileHash);
+
+    addLog('file_upload', { fileId: created.id, fileName: created.name, size: created.size || 0 });
+    addNotification(`Upload complete: ${created.name}`, true);
 
     return {
       success: true,
       code: 201,
-      message: 'File created successfully.',
-      data: responseData,
+      message: 'File created successfully',
+      data: {
+        fileId: created.id,
+        fileName: created.name,
+        fileSize: created.size || 0,
+        mimeType: created.mimeType || 'application/octet-stream',
+        folderId: created.parent || 'root',
+        objectHash: session.fileHash,
+        createdAt: created.createdAt,
+        downloadUrl: `/api/v1/files/${created.id}/download`,
+      },
     };
   });
-}; 
\ No newline at end of file
+};
diff --git a/web/src/mock/handlers/user.ts b/web/src/mock/handlers/user.ts
index b7dcdcf..9ce7650 100644
--- a/web/src/mock/handlers/user.ts
+++ b/web/src/mock/handlers/user.ts
@@ -1,134 +1,266 @@
 import Mock from 'mockjs';
-import { vfsApi } from '../vfs'; // We might not need vfs here, but good to have.
+import { addLog, addNotification, mockLogs, mockUsers, paginate } from '../state';
 
-const users = [
-  { userId: 'user1', username: 'Alice', email: 'alice@example.com' },
-  { userId: 'user2', username: 'Bob', email: 'bob@example.com' },
-  { userId: 'user3', username: 'Charlie', email: 'charlie@example.com' },
-  { userId: 'user4', username: 'David', email: 'david@example.com' },
+const profileGroups = [
+  {
+    groupId: 'group1',
+    groupName: 'Developers',
+    role: 'admin' as const,
+  },
+  {
+    groupId: 'group2',
+    groupName: 'Product Team',
+    role: 'member' as const,
+  },
 ];
 
+function toDateArray(isoString: string) {
+  const date = new Date(isoString);
+  return [
+    date.getFullYear(),
+    date.getMonth() + 1,
+    date.getDate(),
+    date.getHours(),
+    date.getMinutes(),
+    date.getSeconds(),
+  ];
+}
+
 export const setupUserMocks = () => {
-  // Get Users (with search)
-  Mock.mock(/\/api\/v1\/users/, 'get', (options) => {
+  Mock.mock(/\/api\/v1\/users(?:\?.*)?$/, 'get', (options) => {
+    const url = new URL(options.url, 'http://localhost');
+    const search = (url.searchParams.get('search') || '').toLowerCase();
+    const page = Number(url.searchParams.get('page') || 1);
+    const perPage = Number(url.searchParams.get('perPage') || 20);
+
+    const filtered = mockUsers.filter((user) => {
+      if (!search) return true;
+      return user.username.toLowerCase().includes(search) || user.email.toLowerCase().includes(search);
+    });
+
+    return {
+      success: true,
+      code: 200,
+      data: paginate(filtered, page, perPage),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/admin\/users(?:\?.*)?$/, 'get', (options) => {
     const url = new URL(options.url, 'http://localhost');
-    const search = url.searchParams.get('search') || '';
-    
-    const filteredUsers = users.filter(user => 
-      user.username.toLowerCase().includes(search.toLowerCase()) ||
-      user.email.toLowerCase().includes(search.toLowerCase())
-    );
+    const page = Number(url.searchParams.get('page') || 1);
+    const perPage = Number(url.searchParams.get('perPage') || 20);
+
+    const users = mockUsers.map((user) => ({
+      ...user,
+      role: user.role,
+      status: user.status,
+      lastActiveAt: new Date(Date.now() - Mock.Random.integer(1, 72) * 3600000).toISOString(),
+    }));
+
+    return {
+      success: true,
+      code: 200,
+      data: paginate(users, page, perPage),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/admin\/users\/([^/]+)\/status$/, 'patch', (options) => {
+    const userId = (options.url.match(/\/api\/v1\/admin\/users\/([^/]+)\/status/) || [])[1];
+    const { status } = JSON.parse(options.body || '{}');
+
+    const target = mockUsers.find((user) => user.userId === userId);
+    if (!target) {
+      return {
+        success: false,
+        code: 404,
+        message: 'User not found',
+        data: null,
+      };
+    }
+
+    target.status = status;
+    addLog('admin_user_status_update', { userId, status });
 
     return {
       success: true,
       code: 200,
       data: {
-        items: filteredUsers,
-        pagination: { totalItems: filteredUsers.length, totalPages: 1, perPage: filteredUsers.length, currentPage: 1 },
+        userId,
+        status,
+        updatedAt: new Date().toISOString(),
       },
     };
   });
 
-  // Get User Profile
-  Mock.mock(/\/api\/v1\/me\/profile/, 'get', {
-    success: true,
-    code: 200,
-    data: {
-      userId: 'user1', 
-      username: 'Demo User', 
-      email: 'demo@example.com',
-      storageLimit: 107374182400, // 100GB
-      storageUsed: 21474836480,   // 20GB
-      createdAt: '@datetime("yyyy-MM-dd HH:mm:ss")',
-      updatedAt: '@datetime("yyyy-MM-dd HH:mm:ss")',
-      lastLogin: '@datetime("yyyy-MM-dd HH:mm:ss")',
-      groups: [
-        {
-          groupId: 1,
-          groupName: '开发团队',
-          role: 'admin'
+  Mock.mock(/\/api\/v1\/admin\/violations(?:\?.*)?$/, 'get', () => {
+    const items = [
+      {
+        id: 'vio_1',
+        fileId: 'file8',
+        fileName: 'intro.mp3',
+        type: 'copyright',
+        level: 'medium',
+        reportedAt: new Date(Date.now() - 36 * 3600000).toISOString(),
+        status: 'pending',
+      },
+      {
+        id: 'vio_2',
+        fileId: 'file9',
+        fileName: 'walkthrough.mp4',
+        type: 'sensitive_content',
+        level: 'high',
+        reportedAt: new Date(Date.now() - 12 * 3600000).toISOString(),
+        status: 'under_review',
+      },
+    ];
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        items,
+        pagination: {
+          totalItems: items.length,
+          totalPages: 1,
+          perPage: items.length,
+          currentPage: 1,
+          hasPrev: false,
+          hasNext: false,
         },
-        {
-          groupId: 2,
-          groupName: '项目管理',
-          role: 'member'
-        }
-      ]
-    }
+      },
+    };
   });
 
-  // Get Storage Stats
-  Mock.mock(/\/api\/v1\/me\/storage-stats/, 'get', {
-    success: true,
-    code: 200,
-    data: {
-      storageLimit: 107374182400, // 100GB
-      storageUsed: 21474836480,   // 20GB
-      storageAvailable: 85899345920, // 80GB
-      storagePercentage: 20,
-      fileCount: 1247,
-      folderCount: 86,
-      breakdown: {
-        documents: {
-          size: 5368709120, // 5GB
-          count: 234
-        },
-        images: {
-          size: 10737418240, // 10GB
-          count: 567
-        },
-        videos: {
-          size: 4294967296, // 4GB
-          count: 12
-        },
-        audio: {
-          size: 1073741824, // 1GB
-          count: 89
-        },
-        archives: {
-          size: 268435456, // 256MB
-          count: 15
+  Mock.mock(/\/api\/v1\/admin\/violations\/([^/]+)\/resolve$/, 'post', (options) => {
+    const violationId = (options.url.match(/\/api\/v1\/admin\/violations\/([^/]+)\/resolve/) || [])[1];
+    addLog('admin_violation_resolve', { violationId });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        violationId,
+        resolvedAt: new Date().toISOString(),
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/me\/profile$/, 'get', () => {
+    const user = mockUsers[0];
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        userId: user.userId,
+        username: user.username,
+        email: user.email,
+        storageLimit: user.storageLimit,
+        storageUsed: user.storageUsed,
+        createdAt: user.createdAt,
+        updatedAt: new Date().toISOString(),
+        lastLogin: new Date(Date.now() - 2 * 3600000).toISOString(),
+        groups: profileGroups,
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/me\/update-profile$/, 'put', (options) => {
+    const { username, email } = JSON.parse(options.body || '{}');
+    const user = mockUsers[0];
+
+    if (username) user.username = username;
+    if (email) user.email = email;
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        userId: user.userId,
+        username: user.username,
+        email: user.email,
+        storageLimit: user.storageLimit,
+        storageUsed: user.storageUsed,
+        createdAt: user.createdAt,
+        updatedAt: new Date().toISOString(),
+        lastLogin: new Date(Date.now() - 2 * 3600000).toISOString(),
+        groups: profileGroups,
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/me\/password$/, 'put', () => {
+    addNotification('Password updated successfully', true);
+
+    return {
+      success: true,
+      code: 200,
+      data: null,
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/me\/storage-stats$/, 'get', () => {
+    const user = mockUsers[0];
+    const percentage = Number(((user.storageUsed / user.storageLimit) * 100).toFixed(2));
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        storageLimit: user.storageLimit,
+        storageUsed: user.storageUsed,
+        storageAvailable: user.storageLimit - user.storageUsed,
+        storagePercentage: percentage,
+        fileCount: 1247,
+        folderCount: 86,
+        breakdown: {
+          documents: { size: 5368709120, count: 234 },
+          images: { size: 10737418240, count: 567 },
+          videos: { size: 4294967296, count: 12 },
+          audio: { size: 1073741824, count: 89 },
+          archives: { size: 268435456, count: 15 },
+          others: { size: 268435456, count: 330 },
         },
-        others: {
-          size: 268435456, // 256MB
-          count: 330
-        }
-      }
-    },
+      },
+    };
   });
 
-  // Get Activity Log
-  Mock.mock(/\/api\/v1\/me\/activity-log/, 'get', (options) => {
+  Mock.mock(/\/api\/v1\/me\/activity-log(?:\?.*)?$/, 'get', (options) => {
     const url = new URL(options.url, 'http://localhost');
-    const page = parseInt(url.searchParams.get('page') || '1');
-    const perPage = parseInt(url.searchParams.get('perPage') || '20');
-    
-    const activities = Mock.mock({
-      [`items|${perPage}`]: [{
-        'id|+1': 1,
-        'operation|1': ['file_upload', 'file_download', 'file_delete', 'folder_create', 'file_share', 'login'],
-        details: {
-          fileName: '@word.txt',
-          fileSize: '@integer(1024, 10485760)',
-          'action|1': ['创建', '上传', '下载', '删除', '分享']
-        },
-        ipAddress: '@ip',
-        performedAt: '@datetime("yyyy-MM-dd HH:mm:ss")'
-      }]
-    });
+    const page = Number(url.searchParams.get('page') || 1);
+    const perPage = Number(url.searchParams.get('perPage') || 20);
+    const operation = url.searchParams.get('operation');
+
+    const filtered = mockLogs.filter((item) => (operation ? item.operation === operation : true));
+    const paged = paginate(filtered, page, perPage);
 
     return {
       success: true,
       code: 200,
       data: {
-        items: activities.items,
+        items: paged.items.map((item) => ({
+          id: Number(String(item.id).replace('log_', '')),
+          operation: item.operation,
+          details: {
+            ...item.details,
+            user_agent: Mock.Random.pick([
+              'Mozilla/5.0 Chrome/123.0 Safari/537.36',
+              'Mozilla/5.0 Firefox/120.0',
+              'Mozilla/5.0 Edg/122.0',
+            ]),
+          },
+          ip_address: item.ipAddress,
+          performed_at: toDateArray(item.performedAt),
+        })),
         pagination: {
-          currentPage: page,
-          perPage: perPage,
-          totalItems: 156,
-          totalPages: Math.ceil(156 / perPage)
-        }
-      }
+          total_items: paged.pagination.totalItems,
+          total_pages: paged.pagination.totalPages,
+          per_page: paged.pagination.perPage,
+          current_page: paged.pagination.currentPage,
+          has_prev: paged.pagination.hasPrev,
+          has_next: paged.pagination.hasNext,
+        },
+      },
     };
   });
-}; 
\ No newline at end of file
+};
diff --git a/web/src/mock/handlers/usergroup.ts b/web/src/mock/handlers/usergroup.ts
index 1061e6f..cb5e961 100644
--- a/web/src/mock/handlers/usergroup.ts
+++ b/web/src/mock/handlers/usergroup.ts
@@ -1,28 +1,191 @@
 import Mock from 'mockjs';
+import { createMockId, mockUsers, paginate } from '../state';
 
-const groups = [
-  { groupId: 'group1', name: 'Developers', description: 'All software developers' },
-  { groupId: 'group2', name: 'Designers', description: 'UI/UX design team' },
-  { groupId: 'group3', name: 'Marketing', description: 'Marketing and sales' },
+const groups: Array<{
+  groupId: string;
+  name: string;
+  description?: string;
+  memberCount: number;
+  createdAt: string;
+  members: Array<{ userId: string; role: 'member' | 'admin' }>;
+}> = [
+  {
+    groupId: 'group1',
+    name: 'Developers',
+    description: 'All software developers',
+    memberCount: 2,
+    createdAt: new Date(Date.now() - 120 * 24 * 3600000).toISOString(),
+    members: [
+      { userId: 'user1', role: 'admin' },
+      { userId: 'user2', role: 'member' },
+    ],
+  },
+  {
+    groupId: 'group2',
+    name: 'Designers',
+    description: 'UI and visual designers',
+    memberCount: 1,
+    createdAt: new Date(Date.now() - 80 * 24 * 3600000).toISOString(),
+    members: [{ userId: 'user3', role: 'member' }],
+  },
+  {
+    groupId: 'group3',
+    name: 'Marketing',
+    description: 'Marketing and growth team',
+    memberCount: 1,
+    createdAt: new Date(Date.now() - 40 * 24 * 3600000).toISOString(),
+    members: [{ userId: 'user4', role: 'member' }],
+  },
 ];
 
 export const setupUserGroupMocks = () => {
-  // Get User Groups (with search)
-  Mock.mock(/\/api\/v1\/user-groups/, 'get', (options) => {
+  Mock.mock(/\/api\/v1\/user-groups(?:\?.*)?$/, 'get', (options) => {
     const url = new URL(options.url, 'http://localhost');
-    const search = url.searchParams.get('search') || '';
+    const search = (url.searchParams.get('search') || '').toLowerCase();
+    const page = Number(url.searchParams.get('page') || 1);
+    const perPage = Number(url.searchParams.get('perPage') || 20);
 
-    const filteredGroups = groups.filter(group => 
-      group.name.toLowerCase().includes(search.toLowerCase())
-    );
+    const filtered = groups.filter((group) => {
+      if (!search) return true;
+      return group.name.toLowerCase().includes(search) || (group.description || '').toLowerCase().includes(search);
+    });
+
+    const mapped = filtered.map(({ members, ...group }) => group);
+
+    return {
+      success: true,
+      code: 200,
+      data: paginate(mapped, page, perPage),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/user-groups$/, 'post', (options) => {
+    const { name, description } = JSON.parse(options.body || '{}');
+
+    if (!name) {
+      return {
+        success: false,
+        code: 400,
+        message: 'name is required',
+        data: null,
+      };
+    }
+
+    const created = {
+      groupId: createMockId('group'),
+      name,
+      description,
+      memberCount: 0,
+      createdAt: new Date().toISOString(),
+      members: [] as Array<{ userId: string; role: 'member' | 'admin' }>,
+    };
+
+    groups.unshift(created);
+
+    return {
+      success: true,
+      code: 201,
+      data: {
+        groupId: created.groupId,
+        name: created.name,
+        description: created.description,
+        memberCount: created.memberCount,
+        createdAt: created.createdAt,
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/user-groups\/([^/]+)\/members$/, 'post', (options) => {
+    const groupId = (options.url.match(/\/api\/v1\/user-groups\/([^/]+)\/members/) || [])[1];
+    const { userId, role } = JSON.parse(options.body || '{}');
+
+    const group = groups.find((entry) => entry.groupId === groupId);
+    if (!group) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Group not found',
+        data: null,
+      };
+    }
+
+    const user = mockUsers.find((entry) => entry.userId === userId);
+    if (!user) {
+      return {
+        success: false,
+        code: 404,
+        message: 'User not found',
+        data: null,
+      };
+    }
+
+    const existing = group.members.find((member) => member.userId === userId);
+    if (existing) {
+      existing.role = role;
+    } else {
+      group.members.push({ userId, role });
+      group.memberCount += 1;
+    }
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        groupId: group.groupId,
+        groupName: group.name,
+        addedUser: {
+          userId: user.userId,
+          username: user.username,
+          role,
+        },
+        totalMembers: group.memberCount,
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/user-groups\/([^/]+)\/members\/([^/]+)$/, 'delete', (options) => {
+    const groupMatch = options.url.match(/\/api\/v1\/user-groups\/([^/]+)\/members\/([^/?]+)/);
+    const groupId = groupMatch ? groupMatch[1] : '';
+    const userId = groupMatch ? groupMatch[2] : '';
+
+    const group = groups.find((entry) => entry.groupId === groupId);
+    if (!group) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Group not found',
+        data: null,
+      };
+    }
+
+    const memberIndex = group.members.findIndex((member) => member.userId === userId);
+    if (memberIndex === -1) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Group member not found',
+        data: null,
+      };
+    }
+
+    const [removedMember] = group.members.splice(memberIndex, 1);
+    group.memberCount = Math.max(0, group.memberCount - 1);
+
+    const user = mockUsers.find((entry) => entry.userId === userId);
 
     return {
       success: true,
       code: 200,
       data: {
-        items: filteredGroups,
-        pagination: { totalItems: filteredGroups.length, totalPages: 1, perPage: filteredGroups.length, currentPage: 1 },
+        groupId: group.groupId,
+        groupName: group.name,
+        removedUser: {
+          userId,
+          username: user?.username || userId,
+          role: removedMember.role,
+        },
+        remainingMembers: group.memberCount,
       },
     };
   });
-}; 
\ No newline at end of file
+};
diff --git a/web/src/mock/index.ts b/web/src/mock/index.ts
index d7df8f8..285f078 100644
--- a/web/src/mock/index.ts
+++ b/web/src/mock/index.ts
@@ -6,6 +6,10 @@ import { setupUserMocks } from './handlers/user';
 import { setupUserGroupMocks } from './handlers/usergroup';
 import { setupShareMocks } from './handlers/share';
 import { setupRecycleMocks } from './handlers/recycle';
+import { setupPermissionMocks } from './handlers/permission';
+import { setupNotificationMocks } from './handlers/notification';
+import { setupLogMocks } from './handlers/log';
+import { setupStorageMocks } from './handlers/storage';
 
 // Setup all mock handlers
 export const setupMocks = () => {
@@ -17,7 +21,11 @@ export const setupMocks = () => {
   setupUserGroupMocks();
   setupShareMocks();
   setupRecycleMocks();
+  setupPermissionMocks();
+  setupNotificationMocks();
+  setupLogMocks();
+  setupStorageMocks();
 };
 
 // Immediately setup mocks when this module is imported
-setupMocks(); 
\ No newline at end of file
+setupMocks(); 
diff --git a/web/src/mock/state.ts b/web/src/mock/state.ts
new file mode 100644
index 0000000..2d7faf1
--- /dev/null
+++ b/web/src/mock/state.ts
@@ -0,0 +1,272 @@
+import Mock from 'mockjs';
+import type { PermissionItem } from '../types/permission';
+import type { Share, SharedItem } from '../types/share';
+import type { NotificationItem } from '../types/notification';
+import type { LogItem } from '../types/log';
+import type { User } from '../types/user';
+
+export type MockUserRecord = User & {
+  status: 'active' | 'suspended';
+  role: 'user' | 'admin';
+};
+
+const now = () => new Date().toISOString();
+
+const randomRecentTime = (maxHours = 72) => {
+  const offset = Math.floor(Math.random() * maxHours * 60 * 60 * 1000);
+  return new Date(Date.now() - offset).toISOString();
+};
+
+let notificationId = 200;
+let logId = 1000;
+
+export const mockUsers: MockUserRecord[] = [
+  {
+    userId: 'user1',
+    username: 'Demo User',
+    email: 'demo@example.com',
+    storageLimit: 107374182400,
+    storageUsed: 21474836480,
+    createdAt: '2025-01-10T09:30:00.000Z',
+    status: 'active',
+    role: 'admin',
+  },
+  {
+    userId: 'user2',
+    username: 'Alice Chen',
+    email: 'alice@example.com',
+    storageLimit: 53687091200,
+    storageUsed: 10737418240,
+    createdAt: '2025-03-12T11:20:00.000Z',
+    status: 'active',
+    role: 'user',
+  },
+  {
+    userId: 'user3',
+    username: 'Bob Wang',
+    email: 'bob@example.com',
+    storageLimit: 53687091200,
+    storageUsed: 3435973836,
+    createdAt: '2025-06-02T08:15:00.000Z',
+    status: 'active',
+    role: 'user',
+  },
+  {
+    userId: 'user4',
+    username: 'Charlie Li',
+    email: 'charlie@example.com',
+    storageLimit: 53687091200,
+    storageUsed: 17448304640,
+    createdAt: '2025-08-01T06:05:00.000Z',
+    status: 'suspended',
+    role: 'user',
+  },
+];
+
+export const mockShares: Array<Share & { ownerUserId: string }> = [
+  {
+    shareId: 'share_1001',
+    shareLink: 'S8M3J5',
+    ownerUserId: 'user1',
+    itemType: 'file',
+    itemInfo: {
+      id: 'file2',
+      name: 'project-plan.pdf',
+      size: 256000,
+      mimeType: 'application/pdf',
+      folderPath: '/My Files',
+    },
+    settings: {
+      passwordProtected: false,
+      expireAt: null,
+      allowDownload: true,
+      allowPreview: true,
+    },
+    createdAt: randomRecentTime(),
+    visitCount: 18,
+    downloadCount: 7,
+  },
+  {
+    shareId: 'share_1002',
+    shareLink: 'X4D9Q2',
+    ownerUserId: 'user1',
+    itemType: 'folder',
+    itemInfo: {
+      id: 'folder1',
+      name: 'Work Documents',
+      size: 48370,
+      mimeType: 'inode/directory',
+      folderPath: '/My Files',
+    },
+    settings: {
+      passwordProtected: true,
+      expireAt: new Date(Date.now() + 4 * 24 * 60 * 60 * 1000).toISOString(),
+      allowDownload: true,
+      allowPreview: false,
+    },
+    createdAt: randomRecentTime(),
+    visitCount: 6,
+    downloadCount: 2,
+  },
+];
+
+export const mockSharedItems: SharedItem[] = [
+  {
+    itemType: 'file',
+    id: 'shared_file_1',
+    name: 'Q3 Financial Report.xlsx',
+    size: 1572864,
+    mimeType: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+    sharedBy: 'Alice Chen',
+    permission: 'write',
+    sharedAt: randomRecentTime(),
+  },
+  {
+    itemType: 'folder',
+    id: 'shared_folder_1',
+    name: 'Project Phoenix Assets',
+    size: 268435456,
+    sharedBy: 'Bob Wang',
+    permission: 'read',
+    sharedAt: randomRecentTime(),
+  },
+  {
+    itemType: 'file',
+    id: 'shared_file_2',
+    name: 'Design Mockups.fig',
+    size: 25165824,
+    mimeType: 'application/figma',
+    sharedBy: 'Charlie Li',
+    permission: 'read',
+    sharedAt: randomRecentTime(),
+  },
+];
+
+export const mockPermissions: PermissionItem[] = [
+  {
+    permissionId: 'perm_1',
+    itemType: 'file',
+    itemId: 'file2',
+    grantedTo: {
+      type: 'user',
+      id: 'user2',
+      name: 'Alice Chen',
+    },
+    permission: 'write',
+    createdAt: randomRecentTime(),
+  },
+  {
+    permissionId: 'perm_2',
+    itemType: 'folder',
+    itemId: 'folder1',
+    grantedTo: {
+      type: 'group',
+      id: 'group1',
+      name: 'Developers',
+    },
+    permission: 'read',
+    createdAt: randomRecentTime(),
+  },
+];
+
+export const mockNotifications: NotificationItem[] = [
+  {
+    id: 1,
+    message: 'Welcome to FileFlash. Your account is ready.',
+    isRead: false,
+    createdAt: randomRecentTime(),
+  },
+  {
+    id: 2,
+    message: 'Storage usage reached 80%. Consider cleanup.',
+    isRead: false,
+    createdAt: randomRecentTime(),
+  },
+  {
+    id: 3,
+    message: 'Security scan completed for uploaded files.',
+    isRead: true,
+    createdAt: randomRecentTime(),
+  },
+];
+
+export const mockLogs: LogItem[] = Array.from({ length: 40 }).map((_, index) => {
+  const operation = Mock.Random.pick([
+    'file_upload',
+    'file_download',
+    'file_delete',
+    'file_share',
+    'folder_create',
+    'user_login',
+    'virus_scan',
+    'rate_limit_trigger',
+  ]);
+
+  return {
+    id: `log_${900 + index}`,
+    operation,
+    operationName: operation.split('_').join(' '),
+    details: {
+      message: `Mock event for ${operation}`,
+      resource: Mock.Random.pick(['file2', 'file6', 'folder1', 'file8']),
+      status: Mock.Random.pick(['ok', 'ok', 'ok', 'warning']),
+    },
+    ipAddress: Mock.Random.ip(),
+    performedAt: randomRecentTime(240),
+  };
+});
+
+export function createMockId(prefix: string) {
+  return `${prefix}_${Mock.Random.string('number', 6)}`;
+}
+
+export function addNotification(message: string, isRead = false) {
+  notificationId += 1;
+  const item: NotificationItem = {
+    id: notificationId,
+    message,
+    isRead,
+    createdAt: now(),
+  };
+  mockNotifications.unshift(item);
+  return item;
+}
+
+export function addLog(operation: string, details: Record<string, string | number>) {
+  logId += 1;
+  const item: LogItem = {
+    id: `log_${logId}`,
+    operation,
+    operationName: operation.split('_').join(' '),
+    details,
+    ipAddress: Mock.Random.ip(),
+    performedAt: now(),
+  };
+  mockLogs.unshift(item);
+  return item;
+}
+
+export function paginate<T>(items: T[], page = 1, perPage = 20) {
+  const normalizedPage = Number.isFinite(page) && page > 0 ? page : 1;
+  const normalizedPerPage = Number.isFinite(perPage) && perPage > 0 ? perPage : 20;
+  const start = (normalizedPage - 1) * normalizedPerPage;
+  const sliced = items.slice(start, start + normalizedPerPage);
+  const totalItems = items.length;
+  const totalPages = Math.max(1, Math.ceil(totalItems / normalizedPerPage));
+
+  return {
+    items: sliced,
+    pagination: {
+      totalItems,
+      totalPages,
+      perPage: normalizedPerPage,
+      currentPage: normalizedPage,
+      hasPrev: normalizedPage > 1,
+      hasNext: normalizedPage < totalPages,
+    },
+  };
+}
+
+export function getCurrentUser() {
+  return mockUsers[0];
+}
diff --git a/web/src/mock/vfs.ts b/web/src/mock/vfs.ts
index 21c3412..d01ff2f 100644
--- a/web/src/mock/vfs.ts
+++ b/web/src/mock/vfs.ts
@@ -1,6 +1,5 @@
 import Mock from 'mockjs';
 
-// --- Types ---
 export interface VfsNode {
   id: string;
   name: string;
@@ -9,198 +8,496 @@ export interface VfsNode {
   children?: string[];
   size?: number;
   mimeType?: string;
-  content?: string; // Base64 encoded content for files
+  content?: string;
   createdAt: string;
   updatedAt: string;
   permission?: 'read' | 'write' | 'owner';
   isTrashed?: boolean;
   deletedAt?: string;
+  isStarred?: boolean;
+  hash?: string;
+  virusStatus?: 'clean' | 'pending' | 'flagged';
+  thumbnailUrl?: string;
 }
 
 export interface Vfs {
   [key: string]: VfsNode;
 }
 
-// --- Constants ---
-//load from .env file
 const VFS_STORAGE_KEY = import.meta.env.VFS_STORAGE_KEY || 'fileflash-vfs';
 
-// --- Initial Data ---
+function nowIso() {
+  return new Date().toISOString();
+}
+
+function newId() {
+  return Mock.Random.guid();
+}
+
 const initialVfs: Vfs = {
-  'root': { id: 'root', name: 'My Files', type: 'folder', parent: null, children: ['folder1', 'file1', 'file3', 'file4', 'file5', 'file6'], createdAt: new Date().toISOString(), updatedAt: new Date().toISOString(), permission: 'owner' },
-  'folder1': { id: 'folder1', name: 'Work Documents', type: 'folder', parent: 'root', children: ['file2'], createdAt: new Date().toISOString(), updatedAt: new Date().toISOString(), permission: 'owner' },
-  'file1': { id: 'file1', name: 'notes.txt', type: 'file', parent: 'root', size: 1024, mimeType: 'text/plain', createdAt: new Date().toISOString(), updatedAt: new Date().toISOString(), permission: 'owner' },
-  'file2': { id: 'file2', name: 'project-brief.docx', type: 'file', parent: 'folder1', size: 20480, mimeType: 'application/vnd.openxmlformats-officedocument.wordprocessingml.document', createdAt: new Date().toISOString(), updatedAt: new Date().toISOString(), permission: 'owner' },
-  'file3': { id: 'file3', name: 'main.py', type: 'file', parent: 'root', size: 5120, mimeType: 'text/x-python', createdAt: new Date().toISOString(), updatedAt: new Date().toISOString(), permission: 'owner' },
-  'file4': { id: 'file4', name: 'archive.zip', type: 'file', parent: 'root', size: 102400, mimeType: 'application/zip', createdAt: new Date().toISOString(), updatedAt: new Date().toISOString(), permission: 'owner' },
-  'file5': { id: 'file5', name: 'logo.png', type: 'file', parent: 'root', size: 12288, mimeType: 'image/png', createdAt: new Date().toISOString(), updatedAt: new Date().toISOString(), permission: 'owner' },
-  'file6': { id: 'file6', name: 'installer.exe', type: 'file', parent: 'root', size: 512000, mimeType: 'application/x-msdownload', createdAt: new Date().toISOString(), updatedAt: new Date().toISOString(), permission: 'owner' },
+  root: {
+    id: 'root',
+    name: 'My Files',
+    type: 'folder',
+    parent: null,
+    children: ['folder1', 'folder2', 'file1', 'file2', 'file3', 'file4', 'file5'],
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+  },
+  folder1: {
+    id: 'folder1',
+    name: 'Work Documents',
+    type: 'folder',
+    parent: 'root',
+    children: ['file6', 'file7'],
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+  },
+  folder2: {
+    id: 'folder2',
+    name: 'Media',
+    type: 'folder',
+    parent: 'root',
+    children: ['file8', 'file9'],
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+  },
+  file1: {
+    id: 'file1',
+    name: 'notes.txt',
+    type: 'file',
+    parent: 'root',
+    size: 1024,
+    mimeType: 'text/plain',
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+    isStarred: true,
+    hash: 'mock-hash-file1',
+    virusStatus: 'clean',
+  },
+  file2: {
+    id: 'file2',
+    name: 'project-plan.pdf',
+    type: 'file',
+    parent: 'root',
+    size: 256000,
+    mimeType: 'application/pdf',
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+    hash: 'mock-hash-file2',
+    virusStatus: 'clean',
+  },
+  file3: {
+    id: 'file3',
+    name: 'cover.jpg',
+    type: 'file',
+    parent: 'root',
+    size: 98000,
+    mimeType: 'image/jpeg',
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+    thumbnailUrl: '/src/assets/image.svg',
+    virusStatus: 'clean',
+  },
+  file4: {
+    id: 'file4',
+    name: 'archive.zip',
+    type: 'file',
+    parent: 'root',
+    size: 102400,
+    mimeType: 'application/zip',
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+    virusStatus: 'clean',
+  },
+  file5: {
+    id: 'file5',
+    name: 'README.md',
+    type: 'file',
+    parent: 'root',
+    size: 2048,
+    mimeType: 'text/markdown',
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+    virusStatus: 'clean',
+  },
+  file6: {
+    id: 'file6',
+    name: 'release-notes.docx',
+    type: 'file',
+    parent: 'folder1',
+    size: 30480,
+    mimeType: 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+    virusStatus: 'clean',
+  },
+  file7: {
+    id: 'file7',
+    name: 'budget.xlsx',
+    type: 'file',
+    parent: 'folder1',
+    size: 17890,
+    mimeType: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+    virusStatus: 'clean',
+  },
+  file8: {
+    id: 'file8',
+    name: 'intro.mp3',
+    type: 'file',
+    parent: 'folder2',
+    size: 4500030,
+    mimeType: 'audio/mpeg',
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+    isStarred: true,
+    virusStatus: 'clean',
+  },
+  file9: {
+    id: 'file9',
+    name: 'walkthrough.mp4',
+    type: 'file',
+    parent: 'folder2',
+    size: 25000000,
+    mimeType: 'video/mp4',
+    createdAt: nowIso(),
+    updatedAt: nowIso(),
+    permission: 'owner',
+    virusStatus: 'clean',
+  },
 };
 
-// --- VFS Singleton ---
 let vfs: Vfs;
 
 function saveVfs() {
   localStorage.setItem(VFS_STORAGE_KEY, JSON.stringify(vfs));
 }
 
+function sanitizeVfs(input: Vfs): Vfs {
+  const sanitized: Vfs = { ...input };
+
+  Object.values(sanitized).forEach((node) => {
+    if (node.type === 'folder') {
+      const children = Array.isArray(node.children) ? node.children : [];
+      const deduped = Array.from(new Set(children)).filter((childId) => Boolean(sanitized[childId]));
+      node.children = deduped;
+    }
+  });
+
+  return sanitized;
+}
+
 function loadVfs(): Vfs {
   const storedVfs = localStorage.getItem(VFS_STORAGE_KEY);
-  if (storedVfs) {
-    try {
-      const parsed = JSON.parse(storedVfs);
-      
-      // 验证VFS数据完整性
-      if (parsed.root && parsed.root.children) {
-        const rootChildren = parsed.root.children;
-        const childIds = new Set();
-        let hasDuplicates = false;
-        
-        rootChildren.forEach((childId: string) => {
-          if (childIds.has(childId)) {
-            hasDuplicates = true;
-            console.error('🚨 VFS: Duplicate child ID detected:', childId);
-          }
-          childIds.add(childId);
-        });
-        
-        if (hasDuplicates) {
-          console.log('🔧 VFS: Cleaning up duplicate children in root folder');
-          parsed.root.children = [...childIds]; // Remove duplicates
-        }
-      }
-      
-      return parsed;
-    } catch (e) {
-      console.error("Failed to parse VFS from localStorage, resetting.", e);
+  if (!storedVfs) {
+    return JSON.parse(JSON.stringify(initialVfs));
+  }
+
+  try {
+    const parsed = JSON.parse(storedVfs) as Vfs;
+    if (!parsed.root || parsed.root.type !== 'folder') {
+      return JSON.parse(JSON.stringify(initialVfs));
     }
+    return sanitizeVfs(parsed);
+  } catch {
+    return JSON.parse(JSON.stringify(initialVfs));
+  }
+}
+
+function ensureFolder(nodeId: string) {
+  const node = vfs[nodeId];
+  if (!node || node.type !== 'folder') {
+    throw new Error(`Folder ${nodeId} not found`);
+  }
+  if (!Array.isArray(node.children)) {
+    node.children = [];
   }
-  return initialVfs;
+  return node;
+}
+
+function removeChild(parentId: string | null, childId: string) {
+  if (!parentId) return;
+  const parent = vfs[parentId];
+  if (!parent || parent.type !== 'folder' || !parent.children) return;
+  parent.children = parent.children.filter((id) => id !== childId);
+}
+
+function appendChild(parentId: string, childId: string) {
+  const parent = ensureFolder(parentId);
+  if (!parent.children!.includes(childId)) {
+    parent.children!.push(childId);
+  }
+}
+
+function cloneNodeRecursively(sourceId: string, targetParentId: string, newName?: string): string {
+  const source = vfs[sourceId];
+  if (!source) throw new Error('Source node not found');
+
+  const nodeId = newId();
+  const timestamp = nowIso();
+  const copy: VfsNode = {
+    ...source,
+    id: nodeId,
+    parent: targetParentId,
+    name: newName ?? source.name,
+    createdAt: timestamp,
+    updatedAt: timestamp,
+    isTrashed: false,
+    deletedAt: undefined,
+    isStarred: false,
+  };
+
+  if (copy.type === 'folder') {
+    copy.children = [];
+  }
+
+  vfs[nodeId] = copy;
+  appendChild(targetParentId, nodeId);
+
+  if (source.type === 'folder' && source.children) {
+    source.children.forEach((childId) => {
+      cloneNodeRecursively(childId, nodeId);
+    });
+  }
+
+  return nodeId;
+}
+
+function markSubtree(nodeId: string, updater: (node: VfsNode) => void) {
+  const node = vfs[nodeId];
+  if (!node) return;
+
+  updater(node);
+  if (node.type === 'folder' && node.children) {
+    node.children.forEach((childId) => markSubtree(childId, updater));
+  }
+}
+
+function collectSubtreeStats(nodeId: string): { totalSize: number; fileCount: number; folderCount: number } {
+  const node = vfs[nodeId];
+  if (!node || node.isTrashed) {
+    return { totalSize: 0, fileCount: 0, folderCount: 0 };
+  }
+
+  if (node.type === 'file') {
+    return { totalSize: node.size || 0, fileCount: 1, folderCount: 0 };
+  }
+
+  let totalSize = 0;
+  let fileCount = 0;
+  let folderCount = 1;
+
+  (node.children || []).forEach((childId) => {
+    const childStats = collectSubtreeStats(childId);
+    totalSize += childStats.totalSize;
+    fileCount += childStats.fileCount;
+    folderCount += childStats.folderCount;
+  });
+
+  return { totalSize, fileCount, folderCount };
 }
 
-// Initialize VFS
 vfs = loadVfs();
-saveVfs(); // Ensure it's saved on first load if it didn't exist
+saveVfs();
 
-// --- VFS API ---
 export const vfsApi = {
   get: (id: string): VfsNode | undefined => vfs[id],
+
   getAll: (): Vfs => vfs,
-  
+
   getChildren: (folderId: string): VfsNode[] => {
     const parent = vfs[folderId];
-    if (parent && parent.type === 'folder' && parent.children) {
-      return parent.children
-        .map(id => vfs[id])
-        .filter(Boolean)
-        .filter(item => !item.isTrashed); // Filter out trashed items from normal view
+    if (!parent || parent.type !== 'folder' || !parent.children) {
+      return [];
     }
-    return [];
+
+    return parent.children
+      .map((id) => vfs[id])
+      .filter((node): node is VfsNode => Boolean(node))
+      .filter((node) => !node.isTrashed);
   },
-  
+
   getPath: (id: string): VfsNode[] => {
     const path: VfsNode[] = [];
     let current: VfsNode | undefined = vfs[id];
+
     while (current) {
       path.unshift(current);
       current = current.parent ? vfs[current.parent] : undefined;
     }
+
     return path;
   },
 
+  search: (folderId: string, query: string): VfsNode[] => {
+    const lowerQuery = query.trim().toLowerCase();
+    if (!lowerQuery) return [];
+
+    const results: VfsNode[] = [];
+
+    const walk = (nodeId: string) => {
+      const node = vfs[nodeId];
+      if (!node || node.isTrashed) return;
+
+      if (node.id !== folderId && node.name.toLowerCase().includes(lowerQuery)) {
+        results.push(node);
+      }
+
+      if (node.type === 'folder' && node.children) {
+        node.children.forEach((childId) => walk(childId));
+      }
+    };
+
+    walk(folderId);
+    return results;
+  },
+
   createFile: (parentId: string, fileName: string, size: number, mimeType: string, content?: string): VfsNode => {
-    const newId = Mock.Random.guid();
-    const now = new Date().toISOString();
-    const newFile: VfsNode = {
-      id: newId,
+    ensureFolder(parentId);
+
+    const timestamp = nowIso();
+    const file: VfsNode = {
+      id: newId(),
       name: fileName,
       type: 'file',
       parent: parentId,
       size,
       mimeType,
       content,
-      createdAt: now,
-      updatedAt: now,
-      permission: 'owner', // New files created by the user are owned by them
+      createdAt: timestamp,
+      updatedAt: timestamp,
+      permission: 'owner',
+      isStarred: false,
+      hash: `mock-hash-${Mock.Random.string('lower', 12)}`,
+      virusStatus: 'clean',
     };
-    vfs[newId] = newFile;
-    // Ensure parent folder exists and has a children array
-    if (vfs[parentId] && vfs[parentId].children) {
-      vfs[parentId].children?.push(newId);
-    }
+
+    vfs[file.id] = file;
+    appendChild(parentId, file.id);
     saveVfs();
-    return newFile;
+    return file;
   },
-  
+
   createFolder: (parentId: string, folderName: string): VfsNode => {
-    const newId = Mock.Random.guid();
-    const now = new Date().toISOString();
-    const newFolder: VfsNode = {
-      id: newId,
+    ensureFolder(parentId);
+
+    const timestamp = nowIso();
+    const folder: VfsNode = {
+      id: newId(),
       name: folderName,
       type: 'folder',
       parent: parentId,
       children: [],
-      createdAt: now,
-      updatedAt: now,
+      createdAt: timestamp,
+      updatedAt: timestamp,
       permission: 'owner',
+      isStarred: false,
     };
-    vfs[newId] = newFolder;
-    // Ensure parent folder exists and has a children array
-    if (vfs[parentId] && vfs[parentId].children) {
-      vfs[parentId].children?.push(newId);
-    }
+
+    vfs[folder.id] = folder;
+    appendChild(parentId, folder.id);
     saveVfs();
-    return newFolder;
+    return folder;
   },
 
   rename: (id: string, newName: string): VfsNode => {
-    vfs[id].name = newName;
-    vfs[id].updatedAt = new Date().toISOString();
+    const node = vfs[id];
+    if (!node) {
+      throw new Error('Node not found');
+    }
+
+    node.name = newName;
+    node.updatedAt = nowIso();
     saveVfs();
-    return vfs[id];
+    return node;
   },
-  
+
   move: (id: string, targetParentId: string): VfsNode => {
+    if (id === 'root') {
+      throw new Error('Root folder cannot be moved');
+    }
+
     const node = vfs[id];
-    if (!node) throw new Error("Node to move not found");
-
-    const oldParentId = node.parent;
-    if (oldParentId && vfs[oldParentId]?.children) {
-      const children = vfs[oldParentId].children!;
-      const index = children.indexOf(id);
-      if (index > -1) {
-        children.splice(index, 1);
+    if (!node) {
+      throw new Error('Node not found');
+    }
+
+    ensureFolder(targetParentId);
+
+    if (node.parent === targetParentId) {
+      return node;
+    }
+
+    if (node.type === 'folder') {
+      let cursor = targetParentId;
+      while (cursor) {
+        if (cursor === id) {
+          throw new Error('Cannot move a folder into itself');
+        }
+        const cursorNode = vfs[cursor];
+        cursor = cursorNode?.parent || '';
       }
     }
-    
+
+    removeChild(node.parent, id);
     node.parent = targetParentId;
-    vfs[targetParentId].children?.push(id);
-    node.updatedAt = new Date().toISOString();
-    
+    node.updatedAt = nowIso();
+    appendChild(targetParentId, id);
+    saveVfs();
+    return node;
+  },
+
+  copy: (id: string, targetParentId: string, newName?: string): VfsNode => {
+    ensureFolder(targetParentId);
+    const newIdValue = cloneNodeRecursively(id, targetParentId, newName);
+    const copied = vfs[newIdValue];
+    saveVfs();
+    return copied;
+  },
+
+  setStarred: (id: string, isStarred: boolean): VfsNode => {
+    const node = vfs[id];
+    if (!node) {
+      throw new Error('Node not found');
+    }
+
+    node.isStarred = isStarred;
+    node.updatedAt = nowIso();
     saveVfs();
     return node;
   },
 
+  getStarred: (): VfsNode[] => {
+    return Object.values(vfs).filter((node) => !node.isTrashed && node.id !== 'root' && node.isStarred);
+  },
+
   delete: (id: string) => {
+    if (id === 'root') return;
     const node = vfs[id];
     if (!node) return;
 
-    // Remove from parent's children list
-    if (node.parent && vfs[node.parent]?.children) {
-      const children = vfs[node.parent].children!;
-      const index = children.indexOf(id);
-      if (index > -1) {
-        children.splice(index, 1);
-      }
-    }
+    removeChild(node.parent, id);
 
-    // Mark as trashed
-    node.isTrashed = true;
-    node.deletedAt = new Date().toISOString();
+    const deletedAt = nowIso();
+    markSubtree(id, (entry) => {
+      entry.isTrashed = true;
+      entry.deletedAt = deletedAt;
+      entry.updatedAt = deletedAt;
+    });
 
-    // No recursive action. If a folder is deleted, its children are still in the VFS
-    // but are effectively inaccessible until the parent folder is restored.
     saveVfs();
   },
 
@@ -208,75 +505,113 @@ export const vfsApi = {
     const node = vfs[id];
     if (!node) return;
 
-    // Un-mark as trashed
-    node.isTrashed = false;
-    delete node.deletedAt;
+    const restoreAncestors = (nodeId: string) => {
+      const current = vfs[nodeId];
+      if (!current || !current.parent) return;
+      const parent = vfs[current.parent];
+      if (!parent) return;
 
-    // Add back to parent's children list
-    if (node.parent && vfs[node.parent]?.children) {
-      if (!vfs[node.parent].children!.includes(id)) {
-        vfs[node.parent].children!.push(id);
+      if (parent.isTrashed) {
+        restoreAncestors(parent.id);
+        parent.isTrashed = false;
+        parent.deletedAt = undefined;
       }
-    }
-    
-    // If a folder is restored, we need to recursively restore its children
-    if (node.type === 'folder' && node.children) {
-        // This is tricky. The simplest way is to not recursively trash.
-        // Let's assume for now children are not marked as trashed when parent is.
-    }
+
+      appendChild(parent.id, current.id);
+    };
+
+    restoreAncestors(id);
+
+    markSubtree(id, (entry) => {
+      entry.isTrashed = false;
+      entry.deletedAt = undefined;
+      entry.updatedAt = nowIso();
+    });
 
     saveVfs();
   },
-  
+
   permanentDelete: (id: string) => {
+    if (id === 'root') return;
     const node = vfs[id];
     if (!node) return;
-    
-    // Recursively delete children if it's a folder
-    if (node.type === 'folder' && node.children) {
-      // Make a copy of children array before iterating
-      [...node.children].forEach(childId => vfsApi.permanentDelete(childId));
-    }
-    
-    // Parent's children list is already updated when item was trashed.
-    
-    delete vfs[id];
+
+    removeChild(node.parent, id);
+
+    const erase = (nodeId: string) => {
+      const target = vfs[nodeId];
+      if (!target) return;
+      if (target.type === 'folder' && target.children) {
+        [...target.children].forEach((childId) => erase(childId));
+      }
+      delete vfs[nodeId];
+    };
+
+    erase(id);
     saveVfs();
   },
 
-  // --- Development helpers ---
+  clearRecycleBin: () => {
+    const trashedNodes = Object.values(vfs)
+      .filter((node) => node.isTrashed)
+      .sort((a, b) => (b.type === 'folder' ? 1 : 0) - (a.type === 'folder' ? 1 : 0));
+
+    let fileCount = 0;
+    let folderCount = 0;
+    let totalSize = 0;
+
+    trashedNodes.forEach((node) => {
+      if (!vfs[node.id]) return;
+      if (node.type === 'file') {
+        fileCount += 1;
+        totalSize += node.size || 0;
+      } else {
+        folderCount += 1;
+      }
+      vfsApi.permanentDelete(node.id);
+    });
+
+    saveVfs();
+    return {
+      filesDeleted: fileCount,
+      foldersDeleted: folderCount,
+      totalStorageFreed: totalSize,
+    };
+  },
+
+  getFolderStats: (folderId: string) => {
+    const node = vfs[folderId];
+    if (!node || node.type !== 'folder') {
+      throw new Error('Folder not found');
+    }
+
+    const stats = collectSubtreeStats(folderId);
+    return {
+      totalSize: stats.totalSize,
+      fileCount: stats.fileCount,
+      folderCount: Math.max(stats.folderCount - 1, 0),
+    };
+  },
+
   resetVfs: () => {
-    console.log('🔄 Resetting VFS to initial state...');
-    vfs = JSON.parse(JSON.stringify(initialVfs)); // Deep clone
+    vfs = JSON.parse(JSON.stringify(initialVfs));
     saveVfs();
-    console.log('✅ VFS reset complete');
     return vfs;
   },
-  
+
   debugVfs: () => {
-    console.log('🔍 VFS Debug Info:');
-    console.log('Root children:', vfs.root?.children);
-    console.log('All nodes:', Object.keys(vfs));
-    
-    if (vfs.root?.children) {
-      const duplicates = vfs.root.children.filter((id, index, arr) => arr.indexOf(id) !== index);
-      if (duplicates.length > 0) {
-        console.error('❌ Found duplicate children:', duplicates);
-      } else {
-        console.log('✅ No duplicate children found');
-      }
-    }
-    
-    return vfs;
+    return {
+      nodes: Object.keys(vfs).length,
+      rootChildren: vfs.root?.children || [],
+      trashed: Object.values(vfs).filter((node) => node.isTrashed).map((node) => node.id),
+    };
   },
 };
 
-// 在开发环境中暴露调试功能到全局
 if (import.meta.env.DEV) {
   (window as any).vfsDebug = {
     reset: vfsApi.resetVfs,
     debug: vfsApi.debugVfs,
-    getVfs: vfsApi.getAll
+    getVfs: vfsApi.getAll,
   };
-  console.log('🛠️ VFS Debug tools available: vfsDebug.reset(), vfsDebug.debug(), vfsDebug.getVfs()');
-} 
\ No newline at end of file
+}

From 2347aa2036bca0f136839561b44b1e276a65e950 Mon Sep 17 00:00:00 2001
From: 0neStep <146049978+AperturePlus@users.noreply.github.com>
Date: Sat, 21 Mar 2026 15:47:12 +0800
Subject: [PATCH 4/8] feat(web-core): extend api clients and routing for
 sharing, admin and password reset

---
 web/src/api/file.ts         |  22 ++++++-
 web/src/api/folder.ts       |  12 +++-
 web/src/api/notification.ts |   8 ++-
 web/src/api/recycle.ts      |   4 +-
 web/src/api/share.ts        |  10 +++-
 web/src/api/storage.ts      |   6 +-
 web/src/api/user.ts         |  35 +++++++++++-
 web/src/router/gurad.ts     |   2 +-
 web/src/router/routes.ts    |   5 ++
 web/src/store/file.ts       | 111 ++++++------------------------------
 web/src/types/file.d.ts     |   6 +-
 web/src/utils/eventBus.ts   |   3 +-
 web/src/utils/http.ts       |   7 +--
 13 files changed, 116 insertions(+), 115 deletions(-)

diff --git a/web/src/api/file.ts b/web/src/api/file.ts
index 3ab9632..8e724a6 100644
--- a/web/src/api/file.ts
+++ b/web/src/api/file.ts
@@ -1,10 +1,10 @@
 import http from '../utils/http';
 import type {
-  PaginatedData,
-  ApiResponse
+  PaginatedData
 } from '../types/base';
 import type {
   FileItem,
+  ContentItem,
   FileDetails,
   GetFilesRequest,
   RenameFileRequest,
@@ -53,6 +53,13 @@ export const getFiles = (params: GetFilesRequest) => {
   return http.get<PaginatedData<FileItem>>('/files', params);
 };
 
+/**
+ * 获取已星标文件与文件夹
+ */
+export const getStarredFiles = () => {
+  return http.get<PaginatedData<ContentItem>>('/files/starred');
+};
+
 /**
  * 获取文件详情
  * @param fileId 文件ID
@@ -112,6 +119,15 @@ export const moveFile = (fileId: string, data: MoveFileRequest) => {
   return http.patch<{ fileId: string; targetFolderId: string; movedAt: string }>(`/files/${fileId}/move`, data);
 };
 
+/**
+ * 设置文件星标状态
+ * @param fileId 文件ID
+ * @param isStarred 是否星标
+ */
+export const toggleFileStar = (fileId: string, isStarred: boolean) => {
+  return http.patch<FileDetails>(`/files/${fileId}/star`, { isStarred });
+};
+
 /**
  * 复制文件
  * @param fileId 文件ID
@@ -153,4 +169,4 @@ interface ResponseData {
   processed: number;
   action: string; 
   succeeded: number;
-}
\ No newline at end of file
+}
diff --git a/web/src/api/folder.ts b/web/src/api/folder.ts
index 127a7c9..378db19 100644
--- a/web/src/api/folder.ts
+++ b/web/src/api/folder.ts
@@ -3,7 +3,6 @@ import type { PaginatedData } from '../types/base';
 import type {
   ContentItem,
   GetFolderContentsRequest,
-  FolderPathResponse,
   FolderItem,
   CreateFolderRequest,
   RenameFolderRequest,
@@ -113,4 +112,13 @@ export const getFolderSize = (folderId: string) => {
  */
 export const copyFolder = (folderId: string, data: { targetParentId: string; newName?: string }) => {
   return http.post<FolderItem>(`/folders/${folderId}/copy`, data);
-}; 
\ No newline at end of file
+};
+
+/**
+ * 设置文件夹星标状态
+ * @param folderId 文件夹ID
+ * @param isStarred 是否星标
+ */
+export const toggleFolderStar = (folderId: string, isStarred: boolean) => {
+  return http.patch<FolderItem>(`/folders/${folderId}/star`, { isStarred });
+};
diff --git a/web/src/api/notification.ts b/web/src/api/notification.ts
index 8ee5f30..4298cdb 100644
--- a/web/src/api/notification.ts
+++ b/web/src/api/notification.ts
@@ -1,5 +1,5 @@
 import http from '../utils/http';
-import type { NotificationsList, GetNotificationsRequest } from '../types/notification';
+import type { NotificationsList, GetNotificationsRequest, NotificationItem } from '../types/notification';
 
 export const getNotifications = (params: GetNotificationsRequest) => {
   return http.get<NotificationsList>('/notifications', params);
@@ -15,4 +15,8 @@ export const markAllAsRead = () => {
 
 export const deleteNotification = (notificationId: string) => {
   return http.delete<{ notificationId: string }>(`/notifications/${notificationId}`);
-}; 
\ No newline at end of file
+};
+
+export const broadcastNotification = (message: string) => {
+  return http.post<NotificationItem>('/notifications/broadcast', { message });
+};
diff --git a/web/src/api/recycle.ts b/web/src/api/recycle.ts
index b38cd27..e8309b3 100644
--- a/web/src/api/recycle.ts
+++ b/web/src/api/recycle.ts
@@ -27,7 +27,7 @@ export const restoreItem = (itemId: string, data: RestoreRecycleItemRequest) =>
  * @param itemType 项目类型
  * @returns 删除后的项目信息
  */
-export const permanentDelete = (itemId: string, itemType: string) => {
+export const permanentDelete = (itemId: string, _itemType: string) => {
   return http.delete<{ }>(`/recycle-bin/${itemId}`);
 };
 
@@ -37,4 +37,4 @@ export const permanentDelete = (itemId: string, itemType: string) => {
  */
 export const clearRecycleBin = () => {
   return http.delete<{ filesDeleted: number; foldersDeleted: number; totalStorageFreed: number; cleanupCompletedAt: string }>('/recycle-bin');
-}; 
\ No newline at end of file
+}; 
diff --git a/web/src/api/share.ts b/web/src/api/share.ts
index c9622e7..45f0de0 100644
--- a/web/src/api/share.ts
+++ b/web/src/api/share.ts
@@ -62,4 +62,12 @@ export const deleteShare = (shareLink: string) => {
  */
 export const getSharedItems = (params: GetSharedItemsRequest) => {
   return http.get<PaginatedData<SharedItem>>('/shared-items', params);
-}; 
\ No newline at end of file
+};
+
+/**
+ * 接受他人共享的文件/文件夹到我的文件
+ * @param itemId 共享项目ID
+ */
+export const acceptSharedItem = (itemId: string) => {
+  return http.post<{ accepted: boolean; acceptedAt: string; itemId: string }>(`/shared-items/${itemId}/accept`);
+};
diff --git a/web/src/api/storage.ts b/web/src/api/storage.ts
index 4426bb3..6430771 100644
--- a/web/src/api/storage.ts
+++ b/web/src/api/storage.ts
@@ -31,4 +31,8 @@ export const getStorageSummary = async () => {
  */
 export const getUsageTrend = (params: GetUsageTrendRequest) => {
   return http.get<StorageUsageTrend>('/storage/usage-trend', params);
-}; 
\ No newline at end of file
+};
+
+export const getStorageUsers = () => {
+  return http.get<any>('/admin/storage/users');
+};
diff --git a/web/src/api/user.ts b/web/src/api/user.ts
index 8090b59..af8b015 100644
--- a/web/src/api/user.ts
+++ b/web/src/api/user.ts
@@ -74,6 +74,23 @@ export const register = (data: RegisterRequest) => {
   return http.post<UserProfile>('/auth/register', data);
 };
 
+/**
+ * 找回密码 - 发送重置邮件
+ * @param email 邮箱地址
+ */
+export const forgotPassword = (email: string) => {
+  return http.post<{ requestId: string; expiresInMinutes: number }>('/auth/forgot-password', { email });
+};
+
+/**
+ * 重置密码
+ * @param token 重置令牌
+ * @param newPassword 新密码
+ */
+export const resetPassword = (token: string, newPassword: string) => {
+  return http.post<void>('/auth/reset-password', { token, newPassword });
+};
+
 /**
  * 用户登录
  * @param data 登录凭据
@@ -151,4 +168,20 @@ export const getActivityLog = async (params: GetActivityLogRequest) => {
  */
 export const getUsers = (params: { search?: string; page?: number; perPage?: number }) => {
   return http.get<PaginatedData<User>>('/users', params);
-}; 
\ No newline at end of file
+};
+
+export const getAdminUsers = (params: { page?: number; perPage?: number }) => {
+  return http.get<PaginatedData<any>>('/admin/users', params);
+};
+
+export const updateUserStatus = (userId: string, status: 'active' | 'suspended') => {
+  return http.patch<{ userId: string; status: string; updatedAt: string }>(`/admin/users/${userId}/status`, { status });
+};
+
+export const getViolations = () => {
+  return http.get<PaginatedData<any>>('/admin/violations');
+};
+
+export const resolveViolation = (violationId: string) => {
+  return http.post<{ violationId: string; resolvedAt: string }>(`/admin/violations/${violationId}/resolve`);
+};
diff --git a/web/src/router/gurad.ts b/web/src/router/gurad.ts
index 9bfab95..cf2f769 100644
--- a/web/src/router/gurad.ts
+++ b/web/src/router/gurad.ts
@@ -5,7 +5,7 @@ const LOGIN_ROUTE_NAME = 'Login';
 const HOME_ROUTE_NAME = 'Home';
 
 export function createRouterGuard(router: Router) {
-  router.beforeEach((to, from, next) => {
+  router.beforeEach((to, _from, next) => {
     const userStore = useUserStore();
     const isLoggedIn = !!userStore.token;
 
diff --git a/web/src/router/routes.ts b/web/src/router/routes.ts
index b650041..d5d8548 100644
--- a/web/src/router/routes.ts
+++ b/web/src/router/routes.ts
@@ -12,6 +12,11 @@ export const routes: Array<RouteRecordRaw> = [
     name: 'Register',
     component: () => import('../pages/register/index.ts'),
   },
+  {
+    path: '/forgot-password',
+    name: 'ForgotPassword',
+    component: () => import('../pages/forgot-password/index.ts'),
+  },
   
   {
     path: '/',
diff --git a/web/src/store/file.ts b/web/src/store/file.ts
index 81cdd1c..b452d47 100644
--- a/web/src/store/file.ts
+++ b/web/src/store/file.ts
@@ -12,76 +12,30 @@ export const useFileStore = defineStore('file', () => {
 
   async function fetchFolderContents(folderId: string) {
     isLoading.value = true;
-    selectedFile.value = null; // Reset selection when navigating
+    selectedFile.value = null;
+
     try {
-      console.log(`正在获取文件夹内容: ${folderId}`);
-      
-      // Fetch folder contents and path concurrently
       const [contentsResponse, pathResponse] = await Promise.all([
         getFolderContents({ folderId }),
         getFolderPath(folderId),
       ]);
-      
-      console.log('Contents response:', contentsResponse);
-      console.log('Path response:', pathResponse);
-      
-      // Validate responses - 更宽松的验证
-      if (!contentsResponse) {
-        throw new Error(`No contents response for folder ${folderId}`);
-      }
-      if (!pathResponse) {
-        throw new Error(`No path response for folder ${folderId}`);
-      }
-      
-      // 检查数据结构并适配 - 更灵活的数据提取
-      let responseItems = [];
-      let pathItems = [];
-      
-      // 尝试多种可能的数据结构
-      if (contentsResponse.items) {
-        responseItems = contentsResponse.items;
-      } else if (contentsResponse.data) {
-        responseItems = contentsResponse.data;
-      } else if (Array.isArray(contentsResponse)) {
-        responseItems = contentsResponse;
-      }
-      
-      // 处理路径数据
-      if (Array.isArray(pathResponse)) {
-        pathItems = pathResponse;
-      } else if (pathResponse.pathItems) {
-        pathItems = pathResponse.pathItems;
-      } else if (pathResponse.data) {
-        pathItems = pathResponse.data;
-      }
-      
-      console.log('Processed items:', responseItems);
-      console.log('Processed path:', pathItems);
-      
-      // 如果是根文件夹，确保路径显示为 "My Files"
+
+      items.value = contentsResponse.items;
+
       if (folderId === 'root') {
-        pathItems = [
-          {
-            folderId: 'root',
-            name: 'My Files'
-          }
-        ];
+        path.value = [{ folderId: 'root', name: 'My Files' }];
       } else {
-        // 处理其他路径，替换任何 root 为 "My Files"
-        pathItems = pathItems.map((pathItem: any) => ({
-          ...pathItem,
-          name: pathItem.name === 'root' ? 'My Files' : pathItem.name
+        path.value = pathResponse.pathItems.map((item) => ({
+          ...item,
+          name: item.folderId === 'root' ? 'My Files' : item.name,
         }));
       }
 
-      // Set store state
-      items.value = responseItems;
-      path.value = pathItems;
       currentFolderId.value = folderId;
-
     } catch (error) {
       console.error(`Failed to fetch contents for folder ${folderId}:`, error);
-      // Handle error, maybe show a notification to the user
+      items.value = [];
+      path.value = [{ folderId: 'root', name: 'My Files' }];
     } finally {
       isLoading.value = false;
     }
@@ -93,47 +47,16 @@ export const useFileStore = defineStore('file', () => {
 
   async function searchInFolder(folderId: string, query: string): Promise<ContentItem[]> {
     try {
-      const response = await getFolderContents({ 
-        folderId, 
-        search: query 
-      });
-      
-      let actualItems = response.items;
-
-      // 特殊处理 root 文件夹的情况 - 与其他地方保持一致
-      if (folderId === 'root' && actualItems.length === 1 && actualItems[0].name === 'root' && actualItems[0].itemType === 'folder') {
-        const rootFolderId = actualItems[0].id.toString();
-        const rootSearchResponse = await getFolderContents({ 
-          folderId: rootFolderId, 
-          search: query 
-        });
-        actualItems = rootSearchResponse.items;
-      }
-
-      return actualItems;
+      const response = await getFolderContents({ folderId, search: query });
+      return response.items;
     } catch (error) {
-      console.error(`Failed to search in folder ${folderId} with query "${query}":`, error);
+      console.error(`Failed to search in folder ${folderId} with query \"${query}\":`, error);
       throw error;
     }
   }
 
   function removeItems(itemIds: string[]) {
-    console.log('removeItems called with:', itemIds);
-    console.log('Current items before filter:', items.value.map(item => ({ id: item.id, name: item.name })));
-    
-    // 从当前文件夹中移除指定的项目
-    const itemsBefore = items.value.length;
-    items.value = items.value.filter(item => {
-      const shouldKeep = !itemIds.includes(item.id);
-      if (!shouldKeep) {
-        console.log(`Removing item: ${item.id} (${item.name})`);
-      }
-      return shouldKeep;
-    });
-    
-    const itemsAfter = items.value.length;
-    console.log(`Items count: ${itemsBefore} -> ${itemsAfter} (removed ${itemsBefore - itemsAfter})`);
-    console.log('Remaining items:', items.value.map(item => ({ id: item.id, name: item.name })));
+    items.value = items.value.filter((item) => !itemIds.includes(item.id));
   }
 
   return {
@@ -145,6 +68,6 @@ export const useFileStore = defineStore('file', () => {
     fetchFolderContents,
     navigateToFolder,
     searchInFolder,
-    removeItems, // 添加新的删除方法
+    removeItems,
   };
-}); 
\ No newline at end of file
+});
diff --git a/web/src/types/file.d.ts b/web/src/types/file.d.ts
index 3a0cf6f..45b8ed4 100644
--- a/web/src/types/file.d.ts
+++ b/web/src/types/file.d.ts
@@ -12,12 +12,13 @@ export interface FileItem {
     createdAt: string;
     folderId: string;
     permission?: 'read' | 'write' | 'owner';
+    isStarred?: boolean;
   }
   
   /**
    * 文件夹项的基础结构
    */
-  export interface FolderItem {
+export interface FolderItem {
     itemType: 'folder';
     id: string;
     name: string;
@@ -27,6 +28,7 @@ export interface FileItem {
     createdAt: string;
     parentFolderId: string | null;
     permission?: 'read' | 'write' | 'owner';
+    isStarred?: boolean;
   }
   
   /**
@@ -330,4 +332,4 @@ export interface GetRecycleBinRequest {
   page?: number;
   perPage?: number;
   itemType?: 'file' | 'folder';
-}
\ No newline at end of file
+}
diff --git a/web/src/utils/eventBus.ts b/web/src/utils/eventBus.ts
index bc5bc0d..4e07812 100644
--- a/web/src/utils/eventBus.ts
+++ b/web/src/utils/eventBus.ts
@@ -1,4 +1,3 @@
-import { ref } from 'vue';
 import mitt from 'mitt';
 
 type Events = {
@@ -11,4 +10,4 @@ type Events = {
   'search-files': { query: string };
 };
 
-export const eventBus = mitt<Events>(); 
\ No newline at end of file
+export const eventBus = mitt<Events>(); 
diff --git a/web/src/utils/http.ts b/web/src/utils/http.ts
index 08281e8..24f84fc 100644
--- a/web/src/utils/http.ts
+++ b/web/src/utils/http.ts
@@ -2,7 +2,6 @@ import axios from 'axios';
 import type { AxiosInstance, AxiosRequestConfig, AxiosResponse } from 'axios';
 import qs from 'qs';
 import { useUserStore } from '../store/user';
-import type { ApiResponse } from '../types/base';
 
 // 通过模块扩展为 AxiosRequestConfig 添加自定义属性
 declare module 'axios' {
@@ -61,7 +60,7 @@ instance.interceptors.response.use(
         return response.data;
       }
       // 如果HTTP状态码不是200, Blob中可能包含错误信息
-      return new Promise((resolve, reject) => {
+      return new Promise((_resolve, reject) => {
         const reader = new FileReader();
         reader.onload = () => {
           try {
@@ -109,7 +108,7 @@ instance.interceptors.response.use(
         case 401:
           console.error(`[401] 认证失败: ${errorMessage}`);
           const userStore = useUserStore();
-          userStore.removeToken();
+          userStore.logout();
           // 此处可以添加重定向到登录页的逻辑
           // import router from '../router';
           // router.push('/login');
@@ -179,4 +178,4 @@ const http = {
     instance.delete(url, config),
 };
 
-export default http;  
\ No newline at end of file
+export default http;  

From 883017e6267defb02891a62cdfe717350940ae4a Mon Sep 17 00:00:00 2001
From: 0neStep <146049978+AperturePlus@users.noreply.github.com>
Date: Sat, 21 Mar 2026 15:47:24 +0800
Subject: [PATCH 5/8] feat(web-ui): revamp workspace layout and
 auth/share/trash experiences

---
 web/index.html                                |    2 +-
 web/src/components/common/Breadcrumb.vue      |    6 +-
 web/src/components/common/FileTreeNode.vue    |    7 +-
 web/src/components/common/ShareDialog.vue     |  710 ++++++----
 web/src/components/layout/Header.vue          |  356 +++--
 web/src/components/layout/LeftSidebar.vue     |  266 ++--
 web/src/components/layout/MainLayout.vue      |   68 +-
 web/src/components/layout/RightSidebar.vue    |  243 ++--
 web/src/components/layout/UserMenu.vue        |    5 +-
 web/src/composables/useBatchActions.ts        |    6 +-
 web/src/composables/useFileActions.ts         |    4 +-
 web/src/composables/useUpload.ts              |    6 +-
 web/src/pages/dashboard/Dashboard.vue         |  436 +++++-
 web/src/pages/files/MyFiles.vue               | 1206 ++++++++---------
 .../pages/forgot-password/ForgotPassword.vue  |  153 +++
 web/src/pages/forgot-password/index.ts        |    3 +
 web/src/pages/login/Login.vue                 |  455 ++-----
 web/src/pages/profile/Profile.vue             |   27 +-
 web/src/pages/register/Register.vue           |  493 ++-----
 web/src/pages/settings/Settings.vue           |   14 +-
 web/src/pages/shared/SharedWithMe.vue         |  453 +++++--
 web/src/pages/trash/Trash.vue                 |  252 ++--
 web/src/style.css                             |  188 +--
 23 files changed, 2919 insertions(+), 2440 deletions(-)
 create mode 100644 web/src/pages/forgot-password/ForgotPassword.vue
 create mode 100644 web/src/pages/forgot-password/index.ts

diff --git a/web/index.html b/web/index.html
index dde16aa..478dd2d 100644
--- a/web/index.html
+++ b/web/index.html
@@ -4,7 +4,7 @@
     <meta charset="UTF-8" />
     <link rel="icon" type="image/svg+xml" href="/vite.svg" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>Vite + Vue + TS</title>
+    <title>FileFlash Cloud Drive</title>
   </head>
   <body>
     <div id="app"></div>
diff --git a/web/src/components/common/Breadcrumb.vue b/web/src/components/common/Breadcrumb.vue
index 0e53d88..85f3780 100644
--- a/web/src/components/common/Breadcrumb.vue
+++ b/web/src/components/common/Breadcrumb.vue
@@ -35,7 +35,7 @@ const handleDrop = (e: DragEvent, folderId: string | null) => {
   emit('drop-on-folder', { sourceItemIds, targetFolderId: folderId });
 };
 
-const handleDragOver = (e: DragEvent, folderId: string | null) => {
+const handleDragOver = (e: DragEvent) => {
   e.preventDefault();
   if (e.dataTransfer) {
     e.dataTransfer.dropEffect = 'move';
@@ -63,7 +63,7 @@ const handleDragLeave = () => {
           class="breadcrumb-link"
           :class="{ 'drag-over': isBeingDraggedOver === item.folderId }"
           @drop="handleDrop($event, item.folderId)"
-          @dragover="handleDragOver($event, item.folderId)"
+          @dragover="handleDragOver($event)"
           @dragenter="handleDragEnter(item.folderId)"
           @dragleave="handleDragLeave"
         >
@@ -123,4 +123,4 @@ const handleDragLeave = () => {
   margin: 0 var(--spacing-sm);
   color: var(--color-text-tertiary);
 }
-</style> 
\ No newline at end of file
+</style> 
diff --git a/web/src/components/common/FileTreeNode.vue b/web/src/components/common/FileTreeNode.vue
index 7356938..62e0970 100644
--- a/web/src/components/common/FileTreeNode.vue
+++ b/web/src/components/common/FileTreeNode.vue
@@ -1,8 +1,9 @@
 <script setup lang="ts">
 import { ref, computed } from 'vue';
-import type { FolderItem, FileItem, ContentItem } from '../../types/file';
+import type { ContentItem } from '../../types/file';
 import { getFolderContents } from '../../api/folder';
 import { getIconForFile } from '../../utils/fileIcons';
+import folderIcon from '../../assets/generic/folder.svg';
 
 const props = defineProps<{
   node: ContentItem;
@@ -110,7 +111,7 @@ const handleClick = () => {
         {{ isExpanded ? '▼' : '►' }}
       </span>
       <span v-else class="arrow-placeholder"></span>
-      <img :src="isFolder ? '/src/assets/generic/folder.svg' : getIconForFile(node.name)" alt="" class="icon" />
+      <img :src="isFolder ? folderIcon : getIconForFile(node.name)" alt="" class="icon" />
       <span class="name">{{ node.name }}</span>
     </div>
     <div v-if="isExpanded" class="node-children">
@@ -179,4 +180,4 @@ const handleClick = () => {
 .node-content.folder {
   cursor: pointer;
 }
-</style> 
\ No newline at end of file
+</style> 
diff --git a/web/src/components/common/ShareDialog.vue b/web/src/components/common/ShareDialog.vue
index 6efd227..3f7884d 100644
--- a/web/src/components/common/ShareDialog.vue
+++ b/web/src/components/common/ShareDialog.vue
@@ -1,94 +1,190 @@
 <script setup lang="ts">
-import { ref, watch} from 'vue';
+import { computed, ref, watch } from 'vue';
+import { useDebounceFn } from '@vueuse/core';
 import type { ContentItem } from '../../types/file';
-import type { Collaborator, CreateShareRequest } from '../../types/share';
+import type { Collaborator } from '../../types/share';
+import type { PermissionItem } from '../../types/permission';
+import type { User, UserGroup } from '../../types/user';
 import { createShare } from '../../api/share';
+import { getUsers } from '../../api/user';
+import { getUserGroups } from '../../api/usergroup';
+import { createPermission, deletePermission, getPermissions, updatePermission } from '../../api/permission';
 
 interface Props {
   isVisible: boolean;
   itemToShare: ContentItem | null;
 }
+
 const props = defineProps<Props>();
-defineEmits(['close']);
+const emit = defineEmits(['close']);
 
-// --- State for internal sharing (ACL) ---
-const searchInput = ref('');
+const searchKeyword = ref('');
 const searchResults = ref<Collaborator[]>([]);
-const selectedCollaborators = ref<Collaborator[]>([]);
+const collaborators = ref<Collaborator[]>([]);
+const isSearching = ref(false);
 
-// --- State for public link sharing ---
 const publicLinkEnabled = ref(false);
-const publicLink = ref(''); 
+const publicLink = ref('');
 const isCreatingShare = ref(false);
 
-// --- Share creation function ---
-const createPublicShare = async () => {
-  if (!props.itemToShare) {
-    console.error('No item to share provided');
+const currentItemPayload = computed(() => {
+  if (!props.itemToShare) return null;
+
+  if (props.itemToShare.itemType === 'file') {
+    return { fileId: props.itemToShare.id };
+  }
+
+  return { folderId: props.itemToShare.id };
+});
+
+const fetchPermissions = async () => {
+  if (!currentItemPayload.value) return;
+
+  try {
+    const response = await getPermissions({ ...currentItemPayload.value, page: 1, perPage: 50 });
+    collaborators.value = response.items.map((permission: PermissionItem) => ({
+      id: permission.grantedTo.id,
+      name: permission.grantedTo.name,
+      type: permission.grantedTo.type,
+      permission: permission.permission,
+      permissionId: permission.permissionId,
+    }));
+  } catch (error) {
+    console.error('Failed to fetch permissions', error);
+    collaborators.value = [];
+  }
+};
+
+const searchCollaborators = async (keyword: string) => {
+  const query = keyword.trim();
+  if (!query) {
+    searchResults.value = [];
     return;
   }
-  
+
+  isSearching.value = true;
+  try {
+    const [users, groups] = await Promise.all([
+      getUsers({ search: query, page: 1, perPage: 8 }),
+      getUserGroups({ search: query, page: 1, perPage: 8 }),
+    ]);
+
+    const userResults: Collaborator[] = users.items.map((user: User) => ({
+      id: user.userId,
+      name: user.username,
+      type: 'user',
+      email: user.email,
+    }));
+
+    const groupResults: Collaborator[] = groups.items.map((group: UserGroup) => ({
+      id: group.groupId,
+      name: group.name,
+      type: 'group',
+    }));
+
+    const existingIds = new Set(collaborators.value.map((item) => `${item.type}:${item.id}`));
+    searchResults.value = [...userResults, ...groupResults].filter((item) => !existingIds.has(`${item.type}:${item.id}`));
+  } finally {
+    isSearching.value = false;
+  }
+};
+
+const debouncedSearch = useDebounceFn(searchCollaborators, 260);
+
+const addCollaborator = async (target: Collaborator) => {
+  if (!currentItemPayload.value) return;
+
+  try {
+    const created = await createPermission({
+      ...currentItemPayload.value,
+      userId: target.type === 'user' ? target.id : undefined,
+      groupId: target.type === 'group' ? target.id : undefined,
+      permission: 'read',
+    });
+
+    collaborators.value.push({
+      ...target,
+      permission: created.permission,
+      permissionId: created.permissionId,
+    });
+
+    searchKeyword.value = '';
+    searchResults.value = [];
+  } catch (error) {
+    console.error('Failed to add collaborator', error);
+  }
+};
+
+const changePermission = async (collaborator: Collaborator, permission: 'read' | 'write' | 'admin') => {
+  if (!collaborator.permissionId) return;
+
+  try {
+    await updatePermission(collaborator.permissionId, { permission });
+    collaborator.permission = permission;
+  } catch (error) {
+    console.error('Failed to update permission', error);
+  }
+};
+
+const removeCollaborator = async (collaborator: Collaborator) => {
+  if (!collaborator.permissionId) return;
+
+  try {
+    await deletePermission(collaborator.permissionId);
+    collaborators.value = collaborators.value.filter((item) => item.permissionId !== collaborator.permissionId);
+  } catch (error) {
+    console.error('Failed to remove permission', error);
+  }
+};
+
+const createPublicShare = async () => {
+  if (!props.itemToShare) return;
+
   isCreatingShare.value = true;
   try {
-    const shareRequest: CreateShareRequest = {
+    const share = await createShare({
       resourceType: props.itemToShare.itemType,
       resourceId: props.itemToShare.id,
-    };
-
-    const shareResponse = await createShare(shareRequest);
-    
-    if (shareResponse && shareResponse.shareLink) {
-      publicLink.value = shareResponse.shareLink;
-      console.log('Share created successfully');
-    } else {
-      throw new Error('No share link in response');
-    }
-    
+    });
+
+    publicLink.value = `${window.location.origin}/share/${share.shareLink}`;
   } catch (error) {
-    console.error('Failed to create share:', error);
-    alert('创建分享失败，请重试');
+    console.error('Failed to create share link', error);
     publicLinkEnabled.value = false;
   } finally {
     isCreatingShare.value = false;
   }
 };
-// -------------------------
 
-const fetchExistingCollaborators = async () => {
-  // 暂时禁用权限获取，因为后端没有实现 permissions API
-  console.log('fetchExistingCollaborators disabled for now');
-  selectedCollaborators.value = [];
+const copyLink = async () => {
+  if (!publicLink.value) return;
+
+  try {
+    await navigator.clipboard.writeText(publicLink.value);
+  } catch {
+    window.prompt('Copy this link', publicLink.value);
+  }
 };
 
-// Reset state when the dialog is closed/opened
-watch(() => props.isVisible, async (newValue) => {
-  if (newValue) {
-    // Reset all fields to default when dialog opens
-    searchInput.value = '';
+watch(
+  () => props.isVisible,
+  async (visible) => {
+    if (!visible) return;
+
+    searchKeyword.value = '';
     searchResults.value = [];
     publicLinkEnabled.value = false;
     publicLink.value = '';
-    
-    // 获取现有的协作者信息
-    await fetchExistingCollaborators();
-  }
-});
-// 分享组件 抽象版
-//------------------
-// Watch for public link toggle to create share automatically
-watch(publicLinkEnabled, (newValue) => {
-  console.log('Public link enabled changed:', newValue);
-  if (newValue && props.itemToShare) {
-    console.log('Creating public share automatically...');
+
+    await fetchPermissions();
+  },
+);
+
+watch(publicLinkEnabled, (enabled) => {
+  if (enabled && !publicLink.value) {
     createPublicShare();
   }
 });
-// --------------
-const copyLink = () => {
-    navigator.clipboard.writeText(publicLink.value)
-        .then(() => alert('Link copied to clipboard!'))
-        .catch(err => console.error('Failed to copy link: ', err));
-};
 </script>
 
 <template>
@@ -96,53 +192,82 @@ const copyLink = () => {
     <div v-if="isVisible" class="modal-overlay" @click.self="$emit('close')">
       <div class="modal-dialog">
         <header class="modal-header">
-          <div class="title-section">
-            <span class="header-icon">🤝</span>
-            <h3 class="modal-title">Share '{{ itemToShare?.name }}'</h3>
+          <div>
+            <h3 class="modal-title">Share: {{ itemToShare?.name }}</h3>
+            <p class="subtitle">Manage access and generate a public link.</p>
           </div>
-          <button class="modal-close" @click="$emit('close')">&times;</button>
+          <button class="modal-close" @click="$emit('close')" aria-label="Close dialog">×</button>
         </header>
 
         <div class="modal-body">
-          <!-- 暂时隐藏内部分享功能
-          <div class="share-section internal-sharing">
-            Internal sharing content
-          </div>
-          <hr class="divider" />
-          -->
-
-          <!-- Public Link Sharing Section -->
-          <div class="share-section public-sharing">
-            <div class="public-link-header">
-              <span class="header-icon">🔗</span>
-              <div class="public-link-info">
-                <h4>Get public link</h4>
-                <p>Anyone with this link can view</p>
+          <section class="section">
+            <h4>Collaborator Permissions</h4>
+
+            <div class="search-box">
+              <input
+                v-model="searchKeyword"
+                type="text"
+                placeholder="Search users or groups"
+                @input="debouncedSearch(searchKeyword)"
+              />
+              <div v-if="isSearching" class="hint">Searching...</div>
+            </div>
+
+            <div v-if="searchResults.length" class="search-list">
+              <button v-for="result in searchResults" :key="`${result.type}-${result.id}`" class="search-item" @click="addCollaborator(result)">
+                <span>{{ result.name }}</span>
+                <small>{{ result.type === 'user' ? result.email : 'User group' }}</small>
+              </button>
+            </div>
+
+            <div v-if="!collaborators.length" class="empty-hint">No collaborators configured.</div>
+
+            <div v-else class="collaborator-list">
+              <div v-for="collaborator in collaborators" :key="collaborator.permissionId || `${collaborator.type}-${collaborator.id}`" class="collaborator-item">
+                <div class="collaborator-meta">
+                  <strong>{{ collaborator.name }}</strong>
+                  <small>{{ collaborator.type === 'user' ? collaborator.email || 'User' : 'Group' }}</small>
+                </div>
+
+                <select
+                  :value="collaborator.permission"
+                  @change="changePermission(collaborator, ($event.target as HTMLSelectElement).value as 'read' | 'write' | 'admin')"
+                >
+                  <option value="read">Read</option>
+                  <option value="write">Write</option>
+                  <option value="admin">Admin</option>
+                </select>
+
+                <button class="remove-btn" @click="removeCollaborator(collaborator)">Remove</button>
+              </div>
+            </div>
+          </section>
+
+          <section class="section public-share">
+            <div class="public-head">
+              <div>
+                <h4>Public Link</h4>
+                <p>Anyone with the link can access according to permission rules.</p>
               </div>
+
               <label class="switch">
-                <input type="checkbox" v-model="publicLinkEnabled" :disabled="isCreatingShare">
-                <span class="slider round"></span>
+                <input v-model="publicLinkEnabled" type="checkbox" :disabled="isCreatingShare" />
+                <span class="slider" />
               </label>
             </div>
-            
-            <transition name="slide-fade">
-              <div v-if="publicLinkEnabled" class="public-link-settings">
-                <div v-if="isCreatingShare" class="loading-indicator">
-                  <span>Creating share link...</span>
-                </div>
-                <div v-else>
-                  <div class="link-display">
-                    <input type="text" :value="publicLink" readonly />
-                    <button class="btn btn-secondary" @click="copyLink">Copy</button>
-                  </div>
-                </div>
+
+            <div v-if="publicLinkEnabled" class="public-content">
+              <div v-if="isCreatingShare" class="hint">Generating link...</div>
+              <div v-else class="link-row">
+                <input type="text" :value="publicLink" readonly />
+                <button @click="copyLink">Copy</button>
               </div>
-            </transition>
-          </div>
+            </div>
+          </section>
         </div>
 
         <footer class="modal-footer">
-          <button class="btn btn-primary" @click="$emit('close')">Done</button>
+          <button class="done-btn" @click="$emit('close')">Done</button>
         </footer>
       </div>
     </div>
@@ -150,229 +275,274 @@ const copyLink = () => {
 </template>
 
 <style scoped>
-/* Base Modal Styles */
 .modal-overlay {
-  position: fixed; inset: 0; background-color: rgba(0, 0, 0, 0.5);
-  display: flex; justify-content: center; align-items: center; z-index: 2000;
+  position: fixed;
+  inset: 0;
+  background: rgba(2, 6, 23, 0.55);
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  z-index: 2000;
 }
+
 .modal-dialog {
-  background-color: var(--color-bg-secondary);
-  border-radius: var(--border-radius-lg);
-  box-shadow: var(--shadow-xl);
-  width: 100%;
-  max-width: 560px; /* Wider for share dialog */
-  display: flex; flex-direction: column;
+  width: min(700px, calc(100vw - 24px));
+  max-height: calc(100vh - 40px);
+  display: flex;
+  flex-direction: column;
   border: 1px solid var(--color-border);
+  border-radius: 14px;
+  background-color: var(--color-bg-primary);
+  box-shadow: var(--shadow-xl);
 }
+
 .modal-header {
-  padding: var(--spacing-md) var(--spacing-lg);
-  border-bottom: 1px solid var(--color-border);
-  display: flex; justify-content: space-between; align-items: center;
+  display: flex;
+  justify-content: space-between;
+  align-items: flex-start;
+  gap: 12px;
+  padding: 14px 16px;
+  border-bottom: 1px solid var(--color-divider);
+}
+
+.modal-title {
+  margin: 0;
+  font-size: 17px;
 }
-.title-section {
-    display: flex;
-    align-items: center;
-    gap: var(--spacing-md);
+
+.subtitle {
+  margin: 4px 0 0;
+  color: var(--color-text-tertiary);
+  font-size: 12px;
 }
-.header-icon { font-size: 1.5rem; }
-.modal-title { margin: 0; font-size: 1.125rem; font-weight: var(--font-weight-semibold); }
+
 .modal-close {
-  background: none; border: none; font-size: 1.75rem; line-height: 1;
-  cursor: pointer; color: var(--color-text-secondary); padding: 0;
+  width: 30px;
+  height: 30px;
+  border-radius: 8px;
+  border: 1px solid var(--color-border);
+  background-color: var(--color-bg-primary);
+  cursor: pointer;
 }
-.modal-body { padding: 0; max-height: 70vh; overflow-y: auto; }
-.modal-footer {
-  padding: var(--spacing-lg);
-  border-top: 1px solid var(--color-border);
-  display: flex; justify-content: flex-end;
-  background-color: var(--color-bg-tertiary);
-  border-bottom-left-radius: var(--border-radius-lg);
-  border-bottom-right-radius: var(--border-radius-lg);
+
+.modal-body {
+  overflow: auto;
+  padding: 16px;
+  display: flex;
+  flex-direction: column;
+  gap: 14px;
+}
+
+.section {
+  border: 1px solid var(--color-border);
+  border-radius: 10px;
+  background-color: var(--color-bg-secondary);
+  padding: 12px;
 }
 
-/* Share Sections */
-.share-section { padding: var(--spacing-lg); }
-.divider { border: none; border-top: 1px solid var(--color-divider); margin: 0; }
+.section h4 {
+  margin: 0 0 10px;
+}
 
-/* Internal Sharing */
-.search-and-add { position: relative; }
-.search-input {
+.search-box input {
   width: 100%;
-  padding: var(--spacing-md);
-  border-radius: var(--border-radius-md);
+  height: 36px;
+  border-radius: 8px;
   border: 1px solid var(--color-border);
   background-color: var(--color-bg-primary);
-  font-size: 1rem;
+  padding: 0 10px;
 }
-.search-results-container {
-  position: absolute;
-  background: var(--color-bg-secondary);
-  width: 100%;
+
+.search-list {
+  margin-top: 8px;
   border: 1px solid var(--color-border);
-  border-top: none;
-  border-radius: 0 0 var(--border-radius-md) var(--border-radius-md);
-  box-shadow: var(--shadow-md);
-  z-index: 10;
-  max-height: 200px;
-  overflow-y: auto;
-}
-.search-result-item {
-  padding: var(--spacing-sm) var(--spacing-md);
-  cursor: pointer;
+  border-radius: 8px;
+  max-height: 160px;
+  overflow: auto;
+}
+
+.search-item {
+  width: 100%;
+  border: none;
+  background: transparent;
+  text-align: left;
+  padding: 8px 10px;
   display: flex;
-  align-items: center;
-  gap: var(--spacing-md);
+  flex-direction: column;
+  cursor: pointer;
 }
-.search-result-item:hover { background: var(--color-bg-tertiary); }
-.result-icon { font-size: 1.25rem; }
-.result-info { display: flex; flex-direction: column; }
-.result-name { font-weight: var(--font-weight-medium); }
-.result-detail { color: var(--color-text-tertiary); font-size: 0.875rem; }
 
-.collaborators-list {
-  margin-top: var(--spacing-lg);
+.search-item:hover {
+  background-color: var(--color-bg-tertiary);
 }
-.collaborators-list > p {
-    font-size: .875rem;
-    color: var(--color-text-secondary);
-    margin-bottom: var(--spacing-sm);
+
+.search-item small {
+  color: var(--color-text-tertiary);
 }
-.collaborator-item {
+
+.empty-hint,
+.hint {
+  color: var(--color-text-tertiary);
+  font-size: 13px;
+}
+
+.collaborator-list {
   display: flex;
-  align-items: center;
-  gap: var(--spacing-md);
-  padding: var(--spacing-sm) 0;
+  flex-direction: column;
+  gap: 8px;
+  margin-top: 10px;
 }
-.collab-icon { font-size: 1.5rem; }
-.collab-info { flex-grow: 1; display: flex; flex-direction: column; }
-.collab-name { font-weight: var(--font-weight-medium); }
-.collab-detail { color: var(--color-text-tertiary); font-size: 0.875rem; }
 
-.permission-select {
-  background: var(--color-bg-secondary);
+.collaborator-item {
+  display: grid;
+  grid-template-columns: 1fr 120px auto;
+  gap: 8px;
+  align-items: center;
   border: 1px solid var(--color-border);
-  border-radius: var(--border-radius-md);
-  padding: var(--spacing-xs) var(--spacing-sm);
-}
-.remove-btn {
-  background: none; border: none; color: var(--color-text-tertiary); cursor: pointer;
-  font-size: 1.25rem;
+  border-radius: 8px;
+  padding: 8px;
+  background-color: var(--color-bg-primary);
 }
 
-/* Public Sharing */
-.public-link-header {
-    display: flex;
-    align-items: center;
-    gap: var(--spacing-md);
+.collaborator-meta {
+  min-width: 0;
+  display: flex;
+  flex-direction: column;
 }
-.public-link-info {
-    flex-grow: 1;
+
+.collaborator-meta strong,
+.collaborator-meta small {
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
 }
-.public-link-info h4, .public-link-info p {
-    margin: 0;
+
+.collaborator-meta small {
+  color: var(--color-text-tertiary);
 }
-.public-link-info p {
-    font-size: .875rem;
-    color: var(--color-text-secondary);
+
+.collaborator-item select {
+  height: 34px;
+  border-radius: 8px;
+  border: 1px solid var(--color-border);
+  padding: 0 8px;
 }
 
-.public-link-settings {
-  margin-top: var(--spacing-lg);
-  padding: var(--spacing-lg);
-  background-color: var(--color-bg-tertiary);
-  border-radius: var(--border-radius-md);
+.remove-btn {
+  height: 34px;
+  border-radius: 8px;
+  border: 1px solid #fca5a5;
+  background-color: var(--color-danger-light);
+  color: var(--color-danger-dark);
+  cursor: pointer;
 }
-.link-display {
+
+.public-share .public-head {
   display: flex;
-  gap: var(--spacing-sm);
+  justify-content: space-between;
+  align-items: center;
+  gap: 10px;
 }
-.link-display input {
-  flex-grow: 1;
-  background-color: var(--color-bg-primary);
+
+.public-share .public-head p {
+  margin: 4px 0 0;
+  font-size: 12px;
+  color: var(--color-text-tertiary);
+}
+
+.public-content {
+  margin-top: 10px;
+}
+
+.link-row {
+  display: grid;
+  grid-template-columns: 1fr auto;
+  gap: 8px;
+}
+
+.link-row input {
+  height: 36px;
+  border-radius: 8px;
   border: 1px solid var(--color-border);
-  border-radius: var(--border-radius-md);
-  padding: var(--spacing-sm);
+  background-color: var(--color-bg-primary);
+  padding: 0 10px;
   font-family: var(--font-family-mono);
+  font-size: 12px;
 }
-.settings-grid {
-    display: grid;
-    grid-template-columns: 1fr 1fr;
-    gap: var(--spacing-lg);
-    margin-top: var(--spacing-lg);
-}
-.settings-option {
-    display: flex;
-    flex-direction: column;
-    gap: var(--spacing-sm);
-}
-.checkbox-label {
-    display: flex;
-    align-items: center;
-    gap: var(--spacing-sm);
-    cursor: pointer;
-}
-.settings-input {
-    width: 100%;
-    padding: var(--spacing-sm);
-    border-radius: var(--border-radius-md);
-    border: 1px solid var(--color-border);
-    background-color: var(--color-bg-primary);
-}
-
-.loading-indicator {
-    text-align: center;
-    padding: var(--spacing-lg);
-    color: var(--color-text-secondary);
-    font-style: italic;
-}
-
-/* Generic Button */
-.btn {
-  padding: var(--spacing-sm) var(--spacing-lg); 
-  border-radius: var(--border-radius-md);
-  border: 1px solid transparent; 
-  cursor: pointer; 
-  font-weight: var(--font-weight-medium);
-  transition: all var(--transition-base);
-}
-.btn-primary {
-  background-color: var(--color-primary); 
-  color: var(--color-text-on-primary);
-  border-color: var(--color-primary);
+
+.link-row button {
+  height: 36px;
+  border-radius: 8px;
+  border: 1px solid var(--color-border);
+  background-color: var(--color-bg-primary);
+  cursor: pointer;
+  padding: 0 12px;
+}
+
+.modal-footer {
+  padding: 12px 16px;
+  border-top: 1px solid var(--color-divider);
+  display: flex;
+  justify-content: flex-end;
 }
-.btn-primary:hover:not(:disabled) { 
-  background-color: var(--color-primary-hover); 
+
+.done-btn {
+  height: 36px;
+  border-radius: 8px;
+  border: none;
+  padding: 0 14px;
+  color: var(--color-text-on-primary);
+  background-color: var(--color-primary);
+  cursor: pointer;
 }
-.btn-secondary {
-  background-color: var(--color-bg-primary); 
-  color: var(--color-text-primary);
-  border: 1px solid var(--color-border);
+
+.switch {
+  width: 44px;
+  height: 24px;
+  position: relative;
 }
-.btn-secondary:hover:not(:disabled) { 
-  border-color: var(--color-border-hover); 
+
+.switch input {
+  opacity: 0;
+  width: 0;
+  height: 0;
 }
 
-/* Switch CSS */
-.switch { position: relative; display: inline-block; width: 44px; height: 24px; }
-.switch input { opacity: 0; width: 0; height: 0; }
 .slider {
-  position: absolute; cursor: pointer; inset: 0;
-  background-color: var(--color-border); transition: .4s;
-}
-.slider:before {
-  position: absolute; content: ""; height: 16px; width: 16px;
-  left: 4px; bottom: 4px;
-  background-color: white; transition: .4s;
-}
-input:checked + .slider { background-color: var(--color-primary); }
-input:checked + .slider:before { transform: translateX(20px); }
-.slider.round { border-radius: 24px; }
-.slider.round:before { border-radius: 50%; }
-
-/* Transitions */
-.modal-fade-enter-active, .modal-fade-leave-active { transition: opacity 0.2s ease; }
-.modal-fade-enter-from, .modal-fade-leave-to { opacity: 0; }
-.slide-fade-enter-active { transition: all .3s ease-out; }
-.slide-fade-leave-active { transition: all .3s cubic-bezier(1.0, 0.5, 0.8, 1.0); }
-.slide-fade-enter-from, .slide-fade-leave-to { transform: translateY(-10px); opacity: 0; }
-</style>
\ No newline at end of file
+  position: absolute;
+  inset: 0;
+  border-radius: 999px;
+  background-color: var(--color-border);
+  transition: 0.2s;
+}
+
+.slider::before {
+  content: '';
+  position: absolute;
+  width: 18px;
+  height: 18px;
+  left: 3px;
+  top: 3px;
+  border-radius: 50%;
+  background-color: #fff;
+  transition: 0.2s;
+}
+
+.switch input:checked + .slider {
+  background-color: var(--color-primary);
+}
+
+.switch input:checked + .slider::before {
+  transform: translateX(20px);
+}
+
+.modal-fade-enter-active,
+.modal-fade-leave-active {
+  transition: opacity 0.2s ease;
+}
+
+.modal-fade-enter-from,
+.modal-fade-leave-to {
+  opacity: 0;
+}
+</style>
diff --git a/web/src/components/layout/Header.vue b/web/src/components/layout/Header.vue
index fa08c99..b12c991 100644
--- a/web/src/components/layout/Header.vue
+++ b/web/src/components/layout/Header.vue
@@ -1,133 +1,114 @@
 <script setup lang="ts">
 import { ref } from 'vue';
 import { useRouter } from 'vue-router';
+import { useDebounceFn } from '@vueuse/core';
 import { useThemeStore } from '../../store/theme';
 import { useUserStore } from '../../store/user';
-import DropdownMenu from '../common/DropdownMenu.vue';
 import { eventBus } from '../../utils/eventBus';
-import { useDebounceFn } from '@vueuse/core';
-
-import icon_white from '../../assets/logo/icon_white.png';
-import icon_dark from '../../assets/logo/icon_dark.png';
-
-import light from '../../assets/theme/light.svg';
-import dark from '../../assets/theme/dark.svg';
+import DropdownMenu from '../common/DropdownMenu.vue';
+import logoLight from '../../assets/logo/icon_white.png';
+import logoDark from '../../assets/logo/icon_dark.png';
 
 const themeStore = useThemeStore();
 const userStore = useUserStore();
 const router = useRouter();
-
 const searchQuery = ref('');
 
 defineProps<{
   leftSidebarCollapsed: boolean;
   rightSidebarVisible: boolean;
-  
 }>();
 
-const emit = defineEmits([
-  'toggle-left-sidebar',
-  'toggle-right-sidebar',
-]);
+const emit = defineEmits(['toggle-left-sidebar', 'toggle-right-sidebar']);
 
 const handleLogout = () => {
   userStore.logout();
   router.push('/login');
 };
 
-const performSearch = (query: string) => {
-  // 发送搜索事件到 MyFiles 页面
+const dispatchSearch = useDebounceFn((query: string) => {
   eventBus.emit('search-files', { query });
-};
-
-const debouncedSearch = useDebounceFn(performSearch, 300);
-
-const handleSearch = (event: Event) => {
-  const target = event.target as HTMLInputElement;
-  const query = target.value.trim();
-  
-  debouncedSearch(query);
-};
+}, 280);
 
-const handleSearchKeydown = (event: KeyboardEvent) => {
-  if (event.key === 'Enter') {
-    handleSearch(event);
-  }
+const handleSearchInput = (event: Event) => {
+  const value = (event.target as HTMLInputElement).value.trim();
+  dispatchSearch(value);
 };
 </script>
 
 <template>
   <header class="app-header">
     <div class="header-left">
-      <button 
-        class="sidebar-toggle-btn"
-        @click="$emit('toggle-left-sidebar')"
+      <button
+        class="icon-btn"
         :aria-label="leftSidebarCollapsed ? 'Expand sidebar' : 'Collapse sidebar'"
+        @click="$emit('toggle-left-sidebar')"
       >
-        <!-- Icon placeholder -->
-        <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M3 18v-2h18v2zm0-5v-2h18v2zm0-5V6h18v2z"/></svg>
+        <svg viewBox="0 0 24 24" aria-hidden="true">
+          <path d="M3 6h18M3 12h18M3 18h18" />
+        </svg>
       </button>
 
-      <img v-if="themeStore.theme === 'light'" :src="icon_white" alt="fileflash Logo" class="logo-image" width="100" height="50">
-      <img v-else :src="icon_dark" alt="fileflash Logo" class="logo-image" width="100" height="100">
+      <div class="brand" @click="router.push('/files')">
+        <img :src="themeStore.theme === 'light' ? logoLight : logoDark" alt="FileFlash" class="brand-logo" />
+        <div class="brand-text">
+          <strong>FileFlash</strong>
+          <span>Cloud Workspace</span>
+        </div>
+      </div>
     </div>
-    
+
     <div class="header-center">
-      <div class="search-bar">
-        <!-- Search icon -->
-        <svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 24 24"><path fill="currentColor" d="M15.5 14h-.79l-.28-.27A6.471 6.471 0 0 0 16 9.5A6.5 6.5 0 1 0 9.5 16c1.61 0 3.09-.59 4.23-1.57l.27.28v.79l5 4.99L20.49 19zM9.5 14C7.01 14 5 11.99 5 9.5S7.01 5 9.5 5S14 7.01 14 9.5S11.99 14 9.5 14"/></svg>
-        <input 
-          type="text" 
-          v-model="searchQuery" 
-          placeholder="Search files..."
-          @input="handleSearch"
-          @keydown="handleSearchKeydown"
-        >
+      <div class="search-box">
+        <svg viewBox="0 0 24 24" aria-hidden="true">
+          <path d="M11 4a7 7 0 1 0 4.9 12l4.6 4.6l1.4-1.4l-4.6-4.6A7 7 0 0 0 11 4" />
+        </svg>
+        <input
+          v-model="searchQuery"
+          type="text"
+          placeholder="Search files, folders, and shared content"
+          @input="handleSearchInput"
+        />
       </div>
     </div>
 
     <div class="header-right">
-      <button class="icon-btn" @click="themeStore.toggleTheme" aria-label="Toggle theme">
-        <!-- Sun/Moon icon placeholder -->
-        <img v-if="themeStore.theme === 'light'" :src="light" alt="Theme" width="24" height="24">
-        <img v-else :src="dark" alt="Theme" width="24" height="24">
+      <button class="icon-btn" aria-label="Toggle theme" @click="themeStore.toggleTheme">
+        <svg v-if="themeStore.theme === 'light'" viewBox="0 0 24 24" aria-hidden="true">
+          <path d="M12 5V2m0 20v-3m7-7h3M2 12h3m11.3 4.3l2.1 2.1M5.6 5.6l2.1 2.1m8.6 0l2.1-2.1m-12.8 12.8l2.1-2.1M12 8a4 4 0 1 0 0 8a4 4 0 0 0 0-8" />
+        </svg>
+        <svg v-else viewBox="0 0 24 24" aria-hidden="true">
+          <path d="M21 13a8 8 0 1 1-10-10a7 7 0 0 0 10 10" />
+        </svg>
       </button>
 
-      <button 
-        class="sidebar-toggle-btn"
+      <button
+        class="icon-btn"
+        :aria-label="rightSidebarVisible ? 'Hide preview panel' : 'Show preview panel'"
         @click="$emit('toggle-right-sidebar')"
-        :aria-label="rightSidebarVisible ? 'Hide details' : 'Show details'"
       >
-        <!-- Right sidebar icon placeholder -->
-        <svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path fill="currentColor" d="M19 18h2v-2h-2zm0-5h2v-2h-2zm0-5h2V6h-2zM3 18v-2h14v2zm0-5v-2h14v2zm0-5V6h14v2z"/></svg>
+        <svg viewBox="0 0 24 24" aria-hidden="true">
+          <path d="M4 4h16v16H4zM14 4v16" />
+        </svg>
       </button>
 
       <DropdownMenu>
         <template #trigger>
-          <div class="user-profile">
-            <img src="../../assets/generic/user.svg" alt="User avatar" class="avatar">
-          </div>
+          <button class="profile-trigger" aria-label="User menu">
+            <img src="../../assets/generic/user.svg" alt="User avatar" class="avatar" />
+            <span class="name">{{ userStore.user?.username || 'User' }}</span>
+          </button>
         </template>
         <template #content>
-          <div class="dropdown-content">
-            <div class="user-info">
-              <p class="username">{{ userStore.user?.username || 'User' }}</p>
-              <p class="email">{{ userStore.user?.email || 'email@example.com' }}</p>
+          <div class="menu">
+            <div class="menu-header">
+              <strong>{{ userStore.user?.username || 'User' }}</strong>
+              <small>{{ userStore.user?.email || 'user@example.com' }}</small>
             </div>
-            <hr class="divider">
-            <router-link to="/profile" class="dropdown-item">
-              <svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 24 24"><path fill="currentColor" d="M12 12q-1.65 0-2.825-1.175T8 8q0-1.65 1.175-2.825T12 4q1.65 0 2.825 1.175T16 8q0 1.65-1.175 2.825T12 12m-8 8v-2.8q0-.85.438-1.563T5.6 14.55q1.55-.775 3.15-1.163T12 13q1.65 0 3.25.388t3.15 1.162q.725.375 1.163 1.088T20 17.2V20z"/></svg>
-              个人资料
-            </router-link>
-            <router-link to="/settings" class="dropdown-item">
-              <svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 24 24"><path fill="currentColor" d="M19.14,12.94c0.04-0.3,0.06-0.61,0.06-0.94c0-0.32-0.02-0.64-0.07-0.94l2.03-1.58c0.18-0.14,0.23-0.41,0.12-0.61 l-1.92-3.32c-0.12-0.22-0.37-0.29-0.59-0.22l-2.39,0.96c-0.5-0.38-1.03-0.7-1.62-0.94L14.4,2.81c-0.04-0.24-0.24-0.41-0.48-0.41 h-3.84c-0.24,0-0.43,0.17-0.47,0.41L9.25,5.35C8.66,5.59,8.12,5.92,7.63,6.29L5.24,5.33c-0.22-0.08-0.47,0-0.59,0.22L2.74,8.87 C2.62,9.08,2.66,9.34,2.86,9.48l2.03,1.58C4.84,11.36,4.82,11.69,4.82,12s0.02,0.64,0.07,0.94l-2.03,1.58 c-0.18,0.14-0.23,0.41-0.12,0.61l1.92,3.32c0.12,0.22,0.37,0.29,0.59,0.22l2.39-0.96c0.5,0.38,1.03,0.7,1.62,0.94l0.36,2.54 c0.05,0.24,0.24,0.41,0.48,0.41h3.84c0.24,0,0.44-0.17,0.47-0.41l0.36-2.54c0.59-0.24,1.13-0.56,1.62-0.94l2.39,0.96 c0.22,0.08,0.47,0,0.59-0.22l1.92-3.32c0.12-0.22,0.07-0.47-0.12-0.61L19.14,12.94z M12,15.6c-1.98,0-3.6-1.62-3.6-3.6 s1.62-3.6,3.6-3.6s3.6,1.62,3.6,3.6S13.98,15.6,12,15.6z"/></svg>
-              设置
-            </router-link>
-            <hr class="divider">
-            <button @click="handleLogout" class="dropdown-item logout-item">
-              <svg xmlns="http://www.w3.org/2000/svg" width="18" height="18" viewBox="0 0 24 24"><path fill="currentColor" d="M5 21q-.825 0-1.413-.587T3 19V5q0-.825.588-1.413T5 3h7v2H5v14h7v2zm11-4l-1.375-1.45l2.55-2.55H9v-2h8.175l-2.55-2.55L16 7l5 5z"/></svg>
-              退出登录
-            </button>
+            <router-link class="menu-item" to="/profile">Profile</router-link>
+            <router-link class="menu-item" to="/settings">Settings</router-link>
+            <router-link class="menu-item" to="/dashboard">Dashboard</router-link>
+            <button class="menu-item danger" @click="handleLogout">Log out</button>
           </div>
         </template>
       </DropdownMenu>
@@ -137,142 +118,223 @@ const handleSearchKeydown = (event: KeyboardEvent) => {
 
 <style scoped>
 .app-header {
-  display: flex;
+  display: grid;
+  grid-template-columns: auto 1fr auto;
   align-items: center;
-  justify-content: space-between;
   height: var(--layout-header-height);
   padding: 0 var(--spacing-lg);
-  background-color: var(--color-bg-secondary);
+  gap: var(--spacing-lg);
+  background: linear-gradient(180deg, var(--color-bg-primary), var(--color-bg-secondary));
   border-bottom: 1px solid var(--color-border);
-  transition: background-color var(--transition-base), border-color var(--transition-base);
-  flex-shrink: 0;
+  backdrop-filter: blur(8px);
+  position: relative;
+  z-index: 20;
 }
 
-.header-left, .header-center, .header-right {
+.header-left,
+.header-center,
+.header-right {
   display: flex;
   align-items: center;
+  min-width: 0;
   gap: var(--spacing-md);
 }
 
-.logo {
-  font-size: 1.5rem;
-  font-weight: var(--font-weight-semibold);
+.brand {
+  display: flex;
+  align-items: center;
+  gap: var(--spacing-sm);
+  cursor: pointer;
+  padding: 4px 8px;
+  border-radius: var(--border-radius-md);
+  transition: background-color 0.2s ease;
+}
+
+.brand:hover {
+  background-color: var(--color-bg-tertiary);
+}
+
+.brand-logo {
+  width: 38px;
+  height: 38px;
+  border-radius: 8px;
+}
+
+.brand-text {
+  display: flex;
+  flex-direction: column;
+  line-height: 1.1;
+}
+
+.brand-text strong {
+  font-size: 14px;
   color: var(--color-text-primary);
 }
 
-.search-bar {
+.brand-text span {
+  font-size: 11px;
+  color: var(--color-text-tertiary);
+}
+
+.search-box {
+  width: min(760px, 100%);
+  height: 42px;
   display: flex;
   align-items: center;
   gap: var(--spacing-sm);
   background-color: var(--color-bg-tertiary);
-  border-radius: var(--border-radius-md);
-  padding: var(--spacing-sm) var(--spacing-md);
-  width: 400px;
+  border: 1px solid var(--color-border);
+  border-radius: 999px;
+  padding: 0 14px;
+  transition: border-color 0.2s ease, box-shadow 0.2s ease;
+}
+
+.search-box:focus-within {
+  border-color: var(--color-primary);
+  box-shadow: 0 0 0 3px rgba(var(--color-primary-rgb), 0.15);
 }
 
-.search-bar svg {
+.search-box svg {
+  width: 18px;
+  height: 18px;
+  fill: none;
+  stroke: currentColor;
+  stroke-width: 2;
   color: var(--color-text-tertiary);
+  flex-shrink: 0;
 }
 
-.search-bar input {
+.search-box input {
+  width: 100%;
   border: none;
   outline: none;
   background: transparent;
-  width: 100%;
-  font-size: var(--font-size-base);
   color: var(--color-text-primary);
 }
 
-.sidebar-toggle-btn, .icon-btn {
-  display: flex;
+.icon-btn {
+  width: 38px;
+  height: 38px;
+  border-radius: 10px;
+  border: 1px solid transparent;
+  display: inline-flex;
   align-items: center;
   justify-content: center;
-  width: 40px;
-  height: 40px;
-  border: none;
-  background-color: transparent;
+  background: transparent;
   color: var(--color-text-secondary);
-  border-radius: var(--border-radius-md);
   cursor: pointer;
   transition: var(--transition-base);
 }
 
-.sidebar-toggle-btn:hover, .icon-btn:hover {
+.icon-btn:hover {
+  border-color: var(--color-border);
   background-color: var(--color-bg-tertiary);
   color: var(--color-text-primary);
 }
 
-.user-profile {
-  display: flex;
+.icon-btn svg {
+  width: 18px;
+  height: 18px;
+  fill: none;
+  stroke: currentColor;
+  stroke-width: 2;
+}
+
+.profile-trigger {
+  height: 38px;
+  max-width: 180px;
+  border-radius: 999px;
+  border: 1px solid var(--color-border);
+  background-color: var(--color-bg-primary);
+  display: inline-flex;
   align-items: center;
+  gap: var(--spacing-sm);
+  padding: 0 12px 0 6px;
+  cursor: pointer;
 }
 
-.avatar {
-  width: 40px;
-  height: 40px;
+.profile-trigger .avatar {
+  width: 26px;
+  height: 26px;
   border-radius: 50%;
-  object-fit: cover;
 }
-.dropdown-content {
-  padding: var(--spacing-sm) 0;
+
+.profile-trigger .name {
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  color: var(--color-text-secondary);
 }
 
-.user-info {
-  padding: var(--spacing-sm) var(--spacing-md);
-  margin-bottom: var(--spacing-sm);
+.menu {
+  width: 230px;
+  padding: 8px;
+  background-color: var(--color-bg-primary);
+  border-radius: var(--border-radius-md);
 }
 
-.user-info .username {
-  font-weight: var(--font-weight-semibold);
-  color: var(--color-text-primary);
-  margin: 0;
+.menu-header {
+  padding: 8px 10px;
+  margin-bottom: 6px;
+  border-radius: var(--border-radius-sm);
+  background-color: var(--color-bg-tertiary);
+  display: flex;
+  flex-direction: column;
 }
 
-.user-info .email {
-  font-size: 0.875rem;
-  color: var(--color-text-secondary);
-  margin: 0;
+.menu-header strong {
+  font-size: 13px;
 }
 
-.divider {
-  border: none;
-  border-top: 1px solid var(--color-divider);
-  margin: var(--spacing-sm) 0;
+.menu-header small {
+  color: var(--color-text-tertiary);
 }
 
-.dropdown-item {
-  display: block;
+.menu-item {
   width: 100%;
+  height: 36px;
+  border-radius: var(--border-radius-sm);
+  border: none;
+  background: transparent;
   text-align: left;
-  padding: var(--spacing-sm) var(--spacing-md);
   color: var(--color-text-secondary);
-  background: none;
-  border: none;
-  font-size: var(--font-size-base);
-  cursor: pointer;
-  text-decoration: none;
-  border-radius: var(--border-radius-sm);
-  transition: all var(--transition-base);
+  padding: 0 10px;
   display: flex;
   align-items: center;
-  gap: var(--spacing-sm);
+  cursor: pointer;
 }
 
-.dropdown-item:hover {
+.menu-item:hover {
   background-color: var(--color-bg-tertiary);
-  color: var(--color-text-primary);
 }
 
-.dropdown-item svg {
-  flex-shrink: 0;
+.menu-item.danger {
+  color: var(--color-danger);
 }
 
-.logout-item {
-  color: var(--color-danger, #dc2626);
+@media (max-width: 980px) {
+  .brand-text {
+    display: none;
+  }
+
+  .search-box {
+    max-width: 460px;
+  }
 }
 
-.logout-item:hover {
-  background-color: rgba(220, 38, 38, 0.1);
-  color: var(--color-danger, #dc2626);
+@media (max-width: 760px) {
+  .app-header {
+    grid-template-columns: auto 1fr auto;
+    gap: var(--spacing-sm);
+    padding: 0 var(--spacing-sm);
+  }
+
+  .search-box {
+    height: 38px;
+  }
+
+  .profile-trigger .name {
+    display: none;
+  }
 }
-</style> 
\ No newline at end of file
+</style>
diff --git a/web/src/components/layout/LeftSidebar.vue b/web/src/components/layout/LeftSidebar.vue
index febe413..349844a 100644
--- a/web/src/components/layout/LeftSidebar.vue
+++ b/web/src/components/layout/LeftSidebar.vue
@@ -1,53 +1,62 @@
 <script setup lang="ts">
-import { ref, onMounted, onUnmounted } from 'vue';
+import { computed, onMounted, onUnmounted, ref } from 'vue';
 import { useFileStore } from '../../store/file';
-import type { FolderItem, ContentItem } from '../../types/file';
-import { getFolderContents } from '../../api/folder';
+import type { ContentItem, FolderItem } from '../../types/file';
 import FileTreeNode from '../common/FileTreeNode.vue';
 import { eventBus } from '../../utils/eventBus';
 import { getStorageStats } from '../../api/user';
 import type { StorageStats } from '../../types/user';
 
-const props = defineProps<{
-  collapsed: boolean;
-}>();
+defineProps<{ collapsed: boolean }>();
 
 const fileStore = useFileStore();
 
 const rootNode = ref<FolderItem>({
-    id: 'root',
-    name: 'My Files',
-    itemType: 'folder',
-    size: 0,
-    ownerName: '',
-    updatedAt: new Date().toISOString(),
-    createdAt: new Date().toISOString(),
-    parentFolderId: null,
+  id: 'root',
+  name: 'My Files',
+  itemType: 'folder',
+  size: 0,
+  ownerName: '',
+  updatedAt: new Date().toISOString(),
+  createdAt: new Date().toISOString(),
+  parentFolderId: null,
 });
 
-const isLoading = ref(false); // Kept for potential future use
 const treeKey = ref(0);
 const storage = ref<StorageStats | null>(null);
 
-const handleTreeDrop = ({ sourceItemIds, targetFolderId, targetFolderName }: { sourceItemIds: string[], targetFolderId: string, targetFolderName: string }) => {
+const storagePercentage = computed(() => {
+  if (!storage.value || storage.value.storageLimit === 0) return 0;
+  return Math.min(100, Math.round((storage.value.storageUsed / storage.value.storageLimit) * 100));
+});
+
+const formatBytes = (bytes: number, decimals = 1) => {
+  if (bytes === 0) return '0 B';
+  const sizes = ['B', 'KB', 'MB', 'GB', 'TB'];
+  const k = 1024;
+  const dm = decimals < 0 ? 0 : decimals;
+  const i = Math.floor(Math.log(bytes) / Math.log(k));
+  return `${parseFloat((bytes / Math.pow(k, i)).toFixed(dm))} ${sizes[i]}`;
+};
+
+const handleTreeDrop = ({ sourceItemIds, targetFolderId, targetFolderName }: { sourceItemIds: string[]; targetFolderId: string; targetFolderName: string }) => {
   eventBus.emit('move-items', {
     sourceItemIds,
     targetFolderId,
-    targetFolderName
+    targetFolderName,
   });
 };
 
 const handleTreeNavigate = (itemId: string) => {
-    const item = { id: itemId, itemType: 'file' }; // Simplified for now
-    
-    if (itemId === 'root' || findFolderInTree([rootNode.value], itemId)) {
-        fileStore.navigateToFolder(itemId);
-    } else {
-        fileStore.selectedFile = item as ContentItem;
-    }
-}
+  const isFolder = itemId === 'root' || !!findFolderInTree([rootNode.value], itemId);
+  if (isFolder) {
+    fileStore.navigateToFolder(itemId);
+    return;
+  }
+
+  fileStore.selectedFile = { id: itemId, itemType: 'file' } as ContentItem;
+};
 
-// Helper to find folder name for confirmation dialog
 function findFolderInTree(nodes: FolderItem[], id: string): FolderItem | null {
   for (const node of nodes) {
     if (node.id === id) return node;
@@ -56,21 +65,14 @@ function findFolderInTree(nodes: FolderItem[], id: string): FolderItem | null {
 }
 
 const refreshTree = () => {
-  treeKey.value++;
-};
-
-const formatBytes = (bytes: number, decimals = 2) => {
-  if (bytes === 0) return '0 Bytes';
-  const k = 1024;
-  const dm = decimals < 0 ? 0 : decimals;
-  const sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB'];
-  const i = Math.floor(Math.log(bytes) / Math.log(k));
-  return parseFloat((bytes / Math.pow(k, i)).toFixed(dm)) + ' ' + sizes[i];
+  treeKey.value += 1;
 };
 
 onMounted(() => {
   eventBus.on('refresh-file-tree', refreshTree);
-  getStorageStats().then(stats => storage.value = stats);
+  getStorageStats().then((stats) => {
+    storage.value = stats;
+  });
 });
 
 onUnmounted(() => {
@@ -83,50 +85,51 @@ onUnmounted(() => {
     <nav class="sidebar-nav">
       <ul class="nav-list">
         <li class="nav-item">
-          <router-link to="/" class="nav-link" active-class="active">
-            <span>🗂️</span>
+          <router-link to="/files" class="nav-link" active-class="active">
+            <svg viewBox="0 0 24 24" aria-hidden="true"><path d="M3 6h6l2 2h10v10a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2z" /></svg>
             <span v-if="!collapsed" class="link-text">My Files</span>
           </router-link>
         </li>
         <li class="nav-item">
           <router-link to="/shared" class="nav-link" active-class="active">
-            <span>🤝</span>
-            <span v-if="!collapsed" class="link-text">Shared with Me</span>
+            <svg viewBox="0 0 24 24" aria-hidden="true"><path d="M17 7a3 3 0 1 0-2.8-4H14a3 3 0 0 0 .2 1l-5.7 3a3 3 0 1 0 0 2l5.7 3a3 3 0 1 0 .7-1.3l-5.7-3a3 3 0 0 0 0-1.4z" /></svg>
+            <span v-if="!collapsed" class="link-text">Shared</span>
           </router-link>
         </li>
         <li class="nav-item">
           <router-link to="/trash" class="nav-link" active-class="active">
-            <span>🗑️</span>
-            <span v-if="!collapsed" class="link-text">Trash</span>
+            <svg viewBox="0 0 24 24" aria-hidden="true"><path d="M9 3h6l1 2h4v2H4V5h4zm1 6h2v8h-2zm4 0h2v8h-2zM6 7h12l-1 13a2 2 0 0 1-2 2H9a2 2 0 0 1-2-2z" /></svg>
+            <span v-if="!collapsed" class="link-text">Recycle Bin</span>
           </router-link>
         </li>
       </ul>
     </nav>
-    
-    <hr v-if="!collapsed" class="divider">
-
-    <div v-if="!collapsed" class="file-tree-container">
-      <h4 class="tree-header">Workspace</h4>
-       <div v-if="isLoading">Loading...</div>
-       <div class="tree-scroll-wrapper">
-         <FileTreeNode
+
+    <div v-if="!collapsed" class="tree-panel">
+      <div class="panel-title">Workspace Tree</div>
+      <div class="tree-scroll-wrapper">
+        <FileTreeNode
           :key="treeKey"
           :node="rootNode"
           :level="0"
           @drop-on-folder="handleTreeDrop"
           @navigate="handleTreeNavigate"
         />
-       </div>
+      </div>
     </div>
 
     <div class="sidebar-footer">
-       <div v-if="storage" class="storage-status">
-        <span class="icon">💾</span>
-        <div v-if="!collapsed" class="details">
-          <p>Storage</p>
-          <progress :value="storage.storageUsed" :max="storage.storageLimit"></progress>
-          <span>{{ formatBytes(storage.storageUsed) }} / {{ formatBytes(storage.storageLimit) }} Used</span>
+      <div v-if="storage" class="storage-card">
+        <div class="storage-head">
+          <strong v-if="!collapsed">Storage</strong>
+          <span>{{ storagePercentage }}%</span>
         </div>
+        <div class="progress-track" :aria-valuenow="storagePercentage" aria-valuemin="0" aria-valuemax="100" role="progressbar">
+          <div class="progress-fill" :style="{ width: `${storagePercentage}%` }" />
+        </div>
+        <p v-if="!collapsed" class="storage-meta">
+          {{ formatBytes(storage.storageUsed) }} / {{ formatBytes(storage.storageLimit) }}
+        </p>
       </div>
     </div>
   </aside>
@@ -138,118 +141,141 @@ onUnmounted(() => {
   background-color: var(--color-bg-secondary);
   border-right: 1px solid var(--color-border);
   flex-shrink: 0;
-  transition: width var(--transition-base), background-color var(--transition-base), border-color var(--transition-base);
   display: flex;
   flex-direction: column;
+  gap: var(--spacing-md);
   padding: var(--spacing-md);
+  transition: width 0.2s ease;
 }
 
 .left-sidebar.collapsed {
   width: var(--sidebar-left-collapsed-width);
 }
 
-.sidebar-nav {
-  /* styles for nav links */
-}
 .nav-list {
   list-style: none;
-  padding: 0;
   margin: 0;
+  padding: 0;
+  display: flex;
+  flex-direction: column;
+  gap: 4px;
 }
-.nav-item {
-  margin-bottom: var(--spacing-xs);
-}
+
 .nav-link {
+  height: 40px;
   display: flex;
   align-items: center;
-  gap: var(--spacing-md);
-  padding: var(--spacing-sm);
+  gap: 10px;
+  padding: 0 10px;
   border-radius: var(--border-radius-md);
   color: var(--color-text-secondary);
-  text-decoration: none;
-  transition: all var(--transition-base);
+  transition: var(--transition-base);
 }
+
+.nav-link svg {
+  width: 16px;
+  height: 16px;
+  fill: none;
+  stroke: currentColor;
+  stroke-width: 1.8;
+  flex-shrink: 0;
+}
+
 .nav-link:hover {
   background-color: var(--color-bg-tertiary);
   color: var(--color-text-primary);
 }
+
 .nav-link.active {
   background-color: var(--color-primary-light);
   color: var(--color-primary-dark);
   font-weight: var(--font-weight-semibold);
 }
+
+.left-sidebar.collapsed .nav-link {
+  justify-content: center;
+  padding: 0;
+}
+
 .link-text {
   white-space: nowrap;
-  opacity: 1;
-  transition: opacity 0.3s;
-}
-.left-sidebar.collapsed .link-text {
-  opacity: 0;
-  width: 0;
   overflow: hidden;
+  text-overflow: ellipsis;
 }
 
-.divider {
-  border: none;
-  border-top: 1px solid var(--color-divider);
-  margin: var(--spacing-lg) 0;
-}
-
-.file-tree-container {
-  flex-grow: 1;
-  overflow-y: hidden; /* Hide vertical scroll on container */
+.tree-panel {
+  min-height: 0;
+  flex: 1;
   display: flex;
   flex-direction: column;
+  border-top: 1px solid var(--color-divider);
+  padding-top: var(--spacing-md);
 }
 
-.sidebar-footer {
-  margin-top: auto; /* Pushes footer to the bottom */
-  padding-top: var(--spacing-md);
+.panel-title {
+  font-size: 12px;
+  text-transform: uppercase;
+  letter-spacing: 0.08em;
+  color: var(--color-text-tertiary);
+  margin-bottom: var(--spacing-sm);
 }
 
 .tree-scroll-wrapper {
-    flex-grow: 1;
-    overflow: auto; /* Allow both vertical and horizontal scrolling */
-    padding-bottom: var(--spacing-lg); /* Ensure space at the bottom */
+  flex: 1;
+  overflow: auto;
+  padding-right: 4px;
 }
 
-.tree-header {
-  margin-bottom: var(--spacing-md);
-  font-size: 0.9rem;
-  font-weight: var(--font-weight-semibold);
-  color: var(--color-text-tertiary);
-  text-transform: uppercase;
+.sidebar-footer {
+  margin-top: auto;
+}
+
+.storage-card {
+  background: var(--color-bg-tertiary);
+  border: 1px solid var(--color-border);
+  border-radius: var(--border-radius-md);
+  padding: 10px;
 }
 
-.storage-status {
+.storage-head {
   display: flex;
+  justify-content: space-between;
   align-items: center;
-  gap: var(--spacing-md);
-  padding: var(--spacing-md);
-  background-color: var(--color-bg-tertiary);
-  border-radius: var(--border-radius-md);
+  margin-bottom: 8px;
+  font-size: 12px;
+  color: var(--color-text-secondary);
 }
-.collapsed .storage-status {
-    justify-content: center;
+
+.storage-head span {
+  color: var(--color-text-primary);
+  font-weight: var(--font-weight-semibold);
 }
-.icon {
-  font-size: 1.5rem;
+
+.progress-track {
+  height: 8px;
+  border-radius: 999px;
+  background-color: var(--color-bg-quaternary);
+  overflow: hidden;
 }
-.details {
-  width: 100%;
+
+.progress-fill {
+  height: 100%;
+  border-radius: inherit;
+  background: linear-gradient(90deg, var(--color-primary), #4ea8ff);
 }
-.details p {
-  margin: 0 0 var(--spacing-xs);
-  font-weight: var(--font-weight-medium);
-  font-size: .875rem;
+
+.storage-meta {
+  margin: 8px 0 0;
+  font-size: 12px;
+  color: var(--color-text-tertiary);
 }
-.details progress {
-  width: 100%;
-  height: 8px;
-  border-radius: 4px;
+
+.left-sidebar.collapsed .storage-card {
+  padding: 8px;
 }
-.details span {
-  font-size: 0.75rem;
-  color: var(--color-text-secondary);
+
+.left-sidebar.collapsed .storage-head strong,
+.left-sidebar.collapsed .storage-meta {
+  display: none;
 }
-</style>
\ No newline at end of file
+</style>
diff --git a/web/src/components/layout/MainLayout.vue b/web/src/components/layout/MainLayout.vue
index 9002e37..354eb5d 100644
--- a/web/src/components/layout/MainLayout.vue
+++ b/web/src/components/layout/MainLayout.vue
@@ -1,5 +1,5 @@
 <script setup lang="ts">
-import { computed, ref } from 'vue';
+import { computed, ref, watch } from 'vue';
 import { useFileStore } from '../../store/file';
 import { storeToRefs } from 'pinia';
 import AppHeader from './Header.vue';
@@ -11,40 +11,54 @@ const fileStore = useFileStore();
 const { selectedFile } = storeToRefs(fileStore);
 
 const leftSidebarCollapsed = ref(false);
+const rightSidebarHidden = ref(false);
 
-// The right sidebar should be visible if a file is selected for preview
-const rightSidebarVisible = computed(() => selectedFile.value !== null);
+const rightSidebarVisible = computed(() => !!selectedFile.value && !rightSidebarHidden.value);
+
+watch(selectedFile, (value) => {
+  if (!value) {
+    rightSidebarHidden.value = false;
+  }
+});
 
 const toggleLeftSidebar = () => {
   leftSidebarCollapsed.value = !leftSidebarCollapsed.value;
 };
+
+const toggleRightSidebar = () => {
+  if (!selectedFile.value) return;
+  rightSidebarHidden.value = !rightSidebarHidden.value;
+};
 </script>
 
 <template>
   <div class="main-layout">
-    <AppHeader 
+    <AppHeader
       :left-sidebar-collapsed="leftSidebarCollapsed"
       :right-sidebar-visible="rightSidebarVisible"
       @toggle-left-sidebar="toggleLeftSidebar"
-      @toggle-right-sidebar="console.log('toggle right')"
+      @toggle-right-sidebar="toggleRightSidebar"
     />
+
     <div class="layout-body">
       <LeftSidebar :collapsed="leftSidebarCollapsed" />
+
       <main class="main-content">
-        <div class="content-wrapper">
+        <section class="content-wrapper">
           <router-view v-slot="{ Component }">
             <template v-if="Component">
               <Suspense>
-                <component :is="Component"></component>
+                <component :is="Component" />
                 <template #fallback>
-                  <div>Loading...</div>
+                  <div class="loading-fallback">Loading...</div>
                 </template>
               </Suspense>
             </template>
           </router-view>
-        </div>
+        </section>
         <AppFooter />
       </main>
+
       <RightSidebar :visible="rightSidebarVisible" />
     </div>
   </div>
@@ -54,29 +68,41 @@ const toggleLeftSidebar = () => {
 .main-layout {
   display: flex;
   flex-direction: column;
-  height: 100vh;
   width: 100vw;
-  background-color: var(--color-bg-base);
+  height: 100vh;
 }
 
 .layout-body {
   display: flex;
-  flex-direction: row; /* Changed from flex to row for clarity */
-  flex-grow: 1;
-  overflow: hidden;
-  position: relative;
+  min-height: 0;
+  flex: 1;
 }
 
 .main-content {
-  flex-grow: 1;
+  flex: 1;
+  min-width: 0;
   display: flex;
   flex-direction: column;
-  overflow-y: auto;
-  transition: width var(--transition-base);
+  overflow: hidden;
 }
 
 .content-wrapper {
-  padding: var(--spacing-xl);
-  flex-grow: 1;
+  flex: 1;
+  overflow: auto;
+  padding: var(--spacing-lg);
+}
+
+.loading-fallback {
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  min-height: 240px;
+  color: var(--color-text-tertiary);
+}
+
+@media (max-width: 960px) {
+  .content-wrapper {
+    padding: var(--spacing-md);
+  }
 }
-</style> 
\ No newline at end of file
+</style>
diff --git a/web/src/components/layout/RightSidebar.vue b/web/src/components/layout/RightSidebar.vue
index d513c7d..4c4df0c 100644
--- a/web/src/components/layout/RightSidebar.vue
+++ b/web/src/components/layout/RightSidebar.vue
@@ -1,94 +1,121 @@
 <script setup lang="ts">
-import { ref, watch, computed } from 'vue';
-import { useFileStore } from '../../store/file';
+import { computed, onUnmounted, ref, watch } from 'vue';
 import { storeToRefs } from 'pinia';
 import { previewFile } from '../../api/file';
-import type { FileItem } from '../../types/file';
+import { useFileStore } from '../../store/file';
+
+defineProps<{ visible: boolean }>();
 
 const fileStore = useFileStore();
 const { selectedFile } = storeToRefs(fileStore);
 
-const fileContent = ref<string | null>(null);
-const fileUrl = ref<string | null>(null);
 const isLoading = ref(false);
-const error = ref<string | null>(null);
+const error = ref('');
+const textContent = ref('');
+const objectUrl = ref('');
 
-const isTextFile = computed(() => {
-  const file = selectedFile.value;
-  if (!file || file.itemType !== 'file') return false;
-  const mime = file.mimeType;
-  return mime && (mime.startsWith('text/') || mime === 'application/json');
+const selectedMime = computed(() => {
+  if (!selectedFile.value || selectedFile.value.itemType !== 'file') return '';
+  return selectedFile.value.mimeType || '';
 });
 
-const isPdfFile = computed(() => {
-  const file = selectedFile.value;
-  if (!file || file.itemType !== 'file') return false;
-  return file.mimeType === 'application/pdf';
-});
+const isText = computed(() => selectedMime.value.startsWith('text/') || selectedMime.value.includes('json'));
+const isPdf = computed(() => selectedMime.value === 'application/pdf');
+const isImage = computed(() => selectedMime.value.startsWith('image/'));
+const isAudio = computed(() => selectedMime.value.startsWith('audio/'));
+const isVideo = computed(() => selectedMime.value.startsWith('video/'));
+
+const formatBytes = (bytes: number | undefined) => {
+  if (!bytes) return '--';
+  const k = 1024;
+  const units = ['B', 'KB', 'MB', 'GB'];
+  const i = Math.floor(Math.log(bytes) / Math.log(k));
+  return `${(bytes / Math.pow(k, i)).toFixed(i === 0 ? 0 : 1)} ${units[i]}`;
+};
+
+const resetState = () => {
+  textContent.value = '';
+  error.value = '';
+  if (objectUrl.value) {
+    URL.revokeObjectURL(objectUrl.value);
+    objectUrl.value = '';
+  }
+};
+
+const loadPreview = async () => {
+  resetState();
 
-watch(selectedFile, async (newFile) => {
-  // Reset state
-  fileContent.value = null;
-  fileUrl.value = null;
-  error.value = null;
-
-  if (newFile && newFile.itemType === 'file') {
-    isLoading.value = true;
-    try {
-      const blob = await previewFile(newFile.id);
-      
-      if (isPdfFile.value) {
-        // For PDF, create a URL to use in an iframe/embed
-        if (fileUrl.value) URL.revokeObjectURL(fileUrl.value);
-        fileUrl.value = URL.createObjectURL(blob);
-      } else if (isTextFile.value) {
-        // For text-based files, read the content as a string
-        fileContent.value = await blob.text();
-      }
-      
-    } catch (e) {
-      error.value = 'Could not load file preview.';
-      console.error(e);
-    } finally {
-      isLoading.value = false;
+  if (!selectedFile.value || selectedFile.value.itemType !== 'file') {
+    return;
+  }
+
+  isLoading.value = true;
+  try {
+    const blob = await previewFile(selectedFile.value.id);
+    if (isText.value) {
+      textContent.value = await blob.text();
+    } else {
+      objectUrl.value = URL.createObjectURL(blob);
     }
+  } catch {
+    error.value = 'Unable to load file preview.';
+  } finally {
+    isLoading.value = false;
   }
+};
+
+watch(selectedFile, () => {
+  loadPreview();
 }, { immediate: true });
 
+onUnmounted(() => {
+  resetState();
+});
+
 const closeSidebar = () => {
   fileStore.selectedFile = null;
 };
 </script>
 
 <template>
-  <aside :class="['right-sidebar', { visible: !!selectedFile }]">
-    <div v-if="selectedFile" class="sidebar-header">
-      <h3 class="filename" :title="selectedFile.name">{{ selectedFile.name }}</h3>
-      <button @click="closeSidebar" class="close-btn" aria-label="Close details">×</button>
-    </div>
-    <div class="sidebar-content">
-      <div v-if="isLoading" class="centered-message">Loading preview...</div>
-      <div v-else-if="error" class="centered-message error-message">{{ error }}</div>
-      
-      <div v-else-if="selectedFile">
-        <!-- Text/JSON Preview -->
-        <pre v-if="isTextFile" class="text-preview">{{ fileContent }}</pre>
-        
-        <!-- PDF Preview -->
-        <div v-else-if="isPdfFile" class="pdf-preview">
-          <iframe :src="fileUrl!" title="PDF Preview" frameborder="0"></iframe>
+  <aside :class="['right-sidebar', { visible }]">
+    <template v-if="selectedFile && selectedFile.itemType === 'file'">
+      <header class="sidebar-header">
+        <div>
+          <h3 class="filename" :title="selectedFile.name">{{ selectedFile.name }}</h3>
+          <p class="meta">{{ selectedMime || 'unknown type' }} · {{ formatBytes(selectedFile.size) }}</p>
+        </div>
+        <button class="close-btn" @click="closeSidebar" aria-label="Close preview panel">×</button>
+      </header>
+
+      <div class="sidebar-content">
+        <div v-if="isLoading" class="state">Loading preview...</div>
+        <div v-else-if="error" class="state error">{{ error }}</div>
+
+        <pre v-else-if="isText" class="text-preview">{{ textContent }}</pre>
+
+        <div v-else-if="isImage" class="image-preview">
+          <img :src="objectUrl" alt="Image preview" />
         </div>
 
-        <!-- Fallback for unsupported types -->
-        <div v-else class="centered-message">
-          <p>No preview available for this file type.</p>
-          <small v-if="selectedFile.itemType === 'file'">{{ selectedFile.mimeType }}</small>
+        <div v-else-if="isPdf" class="pdf-preview">
+          <iframe :src="objectUrl" title="PDF preview" />
+        </div>
+
+        <div v-else-if="isAudio" class="media-preview">
+          <audio :src="objectUrl" controls preload="metadata" />
+        </div>
+
+        <div v-else-if="isVideo" class="media-preview">
+          <video :src="objectUrl" controls preload="metadata" />
         </div>
-      </div>
 
-       <div v-else class="centered-message">
-        <p>Select a file to see its details.</p>
+        <div v-else class="state">Preview is not available for this file type.</div>
       </div>
+    </template>
+
+    <div v-else class="sidebar-placeholder">
+      <p>Select a file to preview details.</p>
     </div>
   </aside>
 </template>
@@ -96,80 +123,100 @@ const closeSidebar = () => {
 <style scoped>
 .right-sidebar {
   width: var(--sidebar-right-width);
-  background-color: var(--color-bg-secondary);
-  border-left: 1px solid var(--color-border);
-  flex-shrink: 0;
   margin-right: calc(-1 * var(--sidebar-right-width));
-  transition: margin-right var(--transition-base), background-color var(--transition-base), border-color var(--transition-base);
-  z-index: 900;
+  border-left: 1px solid var(--color-border);
+  background-color: var(--color-bg-secondary);
   display: flex;
   flex-direction: column;
+  transition: margin-right 0.2s ease;
 }
 
 .right-sidebar.visible {
   margin-right: 0;
-  box-shadow: -2px 0 8px rgba(0, 0, 0, 0.05);
+  box-shadow: var(--shadow-md);
 }
 
 .sidebar-header {
-  padding: var(--spacing-lg);
+  padding: var(--spacing-md);
   border-bottom: 1px solid var(--color-divider);
-  flex-shrink: 0;
   display: flex;
+  align-items: flex-start;
   justify-content: space-between;
-  align-items: center;
+  gap: var(--spacing-sm);
 }
 
 .filename {
-  font-size: 1.1rem;
-  white-space: nowrap;
-  overflow: hidden;
-  text-overflow: ellipsis;
-  margin-right: var(--spacing-md);
+  font-size: 15px;
+  line-height: 1.35;
+  margin: 0;
+  word-break: break-all;
+}
+
+.meta {
+  margin: 4px 0 0;
+  color: var(--color-text-tertiary);
+  font-size: 12px;
 }
 
 .close-btn {
-  background: none;
-  border: none;
-  font-size: 1.5rem;
+  width: 32px;
+  height: 32px;
+  border-radius: 8px;
+  border: 1px solid var(--color-border);
+  background-color: var(--color-bg-primary);
   cursor: pointer;
-  color: var(--color-text-secondary);
 }
 
 .sidebar-content {
-  padding: var(--spacing-lg);
-  flex-grow: 1;
-  overflow-y: auto;
+  flex: 1;
+  padding: var(--spacing-md);
+  overflow: auto;
 }
 
-.centered-message {
+.sidebar-placeholder,
+.state {
+  flex: 1;
+  display: flex;
+  align-items: center;
+  justify-content: center;
   text-align: center;
-  margin-top: 2rem;
-  color: var(--color-text-secondary);
+  color: var(--color-text-tertiary);
+  padding: var(--spacing-lg);
 }
 
-.error-message {
+.state.error {
   color: var(--color-danger);
 }
 
 .text-preview {
+  margin: 0;
   white-space: pre-wrap;
-  word-wrap: break-word;
+  word-break: break-word;
   font-family: var(--font-family-mono);
-  font-size: 0.875rem;
+  font-size: 12px;
+  line-height: 1.5;
+  color: var(--color-text-secondary);
   background-color: var(--color-bg-tertiary);
-  padding: var(--spacing-md);
+  border: 1px solid var(--color-border);
   border-radius: var(--border-radius-md);
+  padding: 12px;
 }
 
-.pdf-preview {
+.image-preview img,
+.media-preview audio,
+.media-preview video,
+.pdf-preview iframe {
   width: 100%;
-  height: 100%;
+  border-radius: var(--border-radius-sm);
+}
+
+.media-preview video {
+  max-height: 320px;
 }
 
 .pdf-preview iframe {
-  width: 100%;
-  height: 100%;
-  border: none;
+  min-height: 520px;
+  border: 1px solid var(--color-border);
+  background-color: #fff;
 }
-</style> 
\ No newline at end of file
+</style>
diff --git a/web/src/components/layout/UserMenu.vue b/web/src/components/layout/UserMenu.vue
index 5705a48..0f7fbc7 100644
--- a/web/src/components/layout/UserMenu.vue
+++ b/web/src/components/layout/UserMenu.vue
@@ -43,16 +43,13 @@ const handleLogout = () => {
         </div>
         <hr class="divider" />
         <button @click="goToProfile" class="dropdown-item">
-          <span>👤</span>
           <span>My Profile</span>
         </button>
         <button @click="goToSettings" class="dropdown-item">
-          <span>⚙️</span>
           <span>Settings</span>
         </button>
         <hr class="divider" />
         <button @click="handleLogout" class="dropdown-item danger">
-          <span>🚪</span>
           <span>Logout</span>
         </button>
       </div>
@@ -137,4 +134,4 @@ const handleLogout = () => {
     background-color: #3f1a1a;
     color: #fca5a5;
 }
-</style> 
\ No newline at end of file
+</style> 
diff --git a/web/src/composables/useBatchActions.ts b/web/src/composables/useBatchActions.ts
index 86e4c74..ddb02eb 100644
--- a/web/src/composables/useBatchActions.ts
+++ b/web/src/composables/useBatchActions.ts
@@ -46,7 +46,7 @@ export function useBatchActions(
       window.URL.revokeObjectURL(url);
       clearSelection();
       
-      console.log(`✅ 成功下载 ${idsToDownload.length} 个文件`);
+      console.log(`成功下载 ${idsToDownload.length} 个文件`);
     } catch (error) {
       console.error('Batch download failed:', error);
       
@@ -96,7 +96,7 @@ export function useBatchActions(
         console.log('重新获取当前目录内容...');
         await fileStore.fetchFolderContents(fileStore.currentFolderId || 'root');
         
-        console.log(`✅ 成功删除 ${idsToDelete.length} 个项目，已刷新目录`);
+        console.log(`成功删除 ${idsToDelete.length} 个项目，已刷新目录`);
         // 可选：显示成功提示
         // alert(`Successfully moved ${idsToDelete.length} item(s) to trash.`);
       } else {
@@ -132,4 +132,4 @@ export function useBatchActions(
     handleBatchDownload,
     handleBatchDelete,
   };
-} 
\ No newline at end of file
+} 
diff --git a/web/src/composables/useFileActions.ts b/web/src/composables/useFileActions.ts
index 6541ed4..f09371c 100644
--- a/web/src/composables/useFileActions.ts
+++ b/web/src/composables/useFileActions.ts
@@ -97,7 +97,7 @@ export function useFileActions(currentFolderId: Ref<string | null>) {
       await fileStore.fetchFolderContents(fileStore.currentFolderId || 'root');
       eventBus.emit('refresh-file-tree');
       
-      console.log(`✅ 成功删除 "${item.name}"，已刷新目录`);
+      console.log(`成功删除 "${item.name}"，已刷新目录`);
     } catch (error) {
       console.error(`Failed to delete ${item.name}:`, error);
       alert('Failed to move to trash!');
@@ -226,4 +226,4 @@ export function useFileActions(currentFolderId: Ref<string | null>) {
     startShare,
     handleDownload,
   };
-} 
\ No newline at end of file
+} 
diff --git a/web/src/composables/useUpload.ts b/web/src/composables/useUpload.ts
index aaa1a04..74bc144 100644
--- a/web/src/composables/useUpload.ts
+++ b/web/src/composables/useUpload.ts
@@ -83,12 +83,12 @@ export function useUpload(currentFolderId: Ref<string | null>) {
         fileStore.items.unshift(fileItem);
         
         // 显示成功提示
-        console.log(`✅ 文件 "${file.name}" 上传成功！`);
+        console.log(`文件 "${file.name}" 上传成功！`);
       } else {
         // If upload completes but no file data is returned (e.g. second upload),
         // refresh the folder to ensure consistency.
         await fileStore.fetchFolderContents(currentFolderId.value || 'root');
-        console.log(`✅ 文件 "${file.name}" 上传完成！`);
+        console.log(`文件 "${file.name}" 上传完成！`);
       }
 
       eventBus.emit('refresh-file-tree');
@@ -166,4 +166,4 @@ export function useUpload(currentFolderId: Ref<string | null>) {
     handleDrop,
     handleFileSelect,
   };
-} 
\ No newline at end of file
+} 
diff --git a/web/src/pages/dashboard/Dashboard.vue b/web/src/pages/dashboard/Dashboard.vue
index 47fb6b4..68447a9 100644
--- a/web/src/pages/dashboard/Dashboard.vue
+++ b/web/src/pages/dashboard/Dashboard.vue
@@ -1,74 +1,416 @@
 <script setup lang="ts">
-import { ref, onMounted } from 'vue';
-import { getStorageStats } from '../../api/user';
+import { onMounted, ref } from 'vue';
+import { deleteShare, getShares } from '../../api/share';
+import { getLogs } from '../../api/log';
+import { broadcastNotification, getNotifications } from '../../api/notification';
+import { getStorageSummary, getUsageTrend } from '../../api/storage';
+import { getAdminUsers, getViolations, resolveViolation, updateUserStatus } from '../../api/user';
 import type { StorageStats } from '../../types/user';
+import type { Share } from '../../types/share';
+import type { LogItem } from '../../types/log';
+import type { NotificationItem } from '../../types/notification';
 
-const stats = ref<StorageStats | null>(null);
-const isLoading = ref(true);
+const isLoading = ref(false);
+
+const storageSummary = ref<StorageStats | null>(null);
+const usageTrend = ref<Array<{ date: string; used: number }>>([]);
+
+const adminUsers = ref<any[]>([]);
+const logs = ref<LogItem[]>([]);
+const shares = ref<Share[]>([]);
+const violations = ref<any[]>([]);
+const notifications = ref<NotificationItem[]>([]);
+
+const noticeText = ref('');
+
+const formatBytes = (bytes: number) => {
+  if (!bytes) return '0 B';
+  const units = ['B', 'KB', 'MB', 'GB', 'TB'];
+  const i = Math.floor(Math.log(bytes) / Math.log(1024));
+  return `${(bytes / Math.pow(1024, i)).toFixed(i === 0 ? 0 : 1)} ${units[i]}`;
+};
+
+const loadDashboardData = async () => {
+  isLoading.value = true;
 
-onMounted(async () => {
   try {
-    stats.value = await getStorageStats();
-  } catch (error) {
-    console.error('Failed to fetch storage stats:', error);
+    const [summary, trend, users, logRes, shareRes, violationRes, notificationRes] = await Promise.all([
+      getStorageSummary(),
+      getUsageTrend({ days: 7 }),
+      getAdminUsers({ page: 1, perPage: 8 }),
+      getLogs({ page: 1, perPage: 8 }),
+      getShares({ page: 1, perPage: 8 }),
+      getViolations(),
+      getNotifications({ page: 1, perPage: 8 }),
+    ]);
+
+    storageSummary.value = summary;
+    usageTrend.value = trend.trends;
+    adminUsers.value = users.items;
+    logs.value = logRes.logs;
+    shares.value = shareRes.items;
+    violations.value = violationRes.items;
+    notifications.value = notificationRes.items;
   } finally {
     isLoading.value = false;
   }
-});
+};
+
+const handleUpdateUserStatus = async (user: any, status: 'active' | 'suspended') => {
+  await updateUserStatus(user.userId, status);
+  user.status = status;
+};
+
+const handleResolveViolation = async (violationId: string) => {
+  await resolveViolation(violationId);
+  violations.value = violations.value.filter((item) => item.id !== violationId);
+};
+
+const handleDeleteShare = async (share: Share) => {
+  await deleteShare(share.shareLink);
+  shares.value = shares.value.filter((item) => item.shareId !== share.shareId);
+};
+
+const sendNotice = async () => {
+  if (!noticeText.value.trim()) return;
+  await broadcastNotification(noticeText.value.trim());
+  noticeText.value = '';
+  const latest = await getNotifications({ page: 1, perPage: 8 });
+  notifications.value = latest.items;
+};
+
+onMounted(loadDashboardData);
 </script>
 
 <template>
-  <div class="dashboard-page">
-    <h2>Dashboard</h2>
-    <div v-if="isLoading" class="loading">Loading stats...</div>
-    <div v-else-if="stats" class="stats-grid">
-      <div class="stat-card">
-        <h4>Storage Usage</h4>
-        <p>{{ (stats.storageUsed / 1024 / 1024 / 1024).toFixed(2) }} GB / {{ (stats.storageLimit / 1024 / 1024 / 1024).toFixed(2) }} GB</p>
-        <progress :value="stats.storageUsed" :max="stats.storageLimit"></progress>
+  <section class="dashboard-page">
+    <header class="page-header">
+      <div>
+        <h1>Admin Dashboard</h1>
+        <p>Monitor storage, users, shares, logs, violations and notices in one place.</p>
       </div>
-      <div class="stat-card">
-        <h4>File Count</h4>
-        <p>{{ stats.fileCount }}</p>
-      </div>
-      <div class="stat-card">
-        <h4>Folder Count</h4>
-        <p>{{ stats.folderCount }}</p>
+      <button class="refresh-btn" @click="loadDashboardData" :disabled="isLoading">
+        {{ isLoading ? 'Refreshing...' : 'Refresh' }}
+      </button>
+    </header>
+
+    <div class="metrics" v-if="storageSummary">
+      <article class="metric-card">
+        <h3>Total Storage</h3>
+        <strong>{{ formatBytes(storageSummary.storageUsed) }}</strong>
+        <small>/ {{ formatBytes(storageSummary.storageLimit) }}</small>
+      </article>
+      <article class="metric-card">
+        <h3>Files</h3>
+        <strong>{{ storageSummary.fileCount }}</strong>
+      </article>
+      <article class="metric-card">
+        <h3>Folders</h3>
+        <strong>{{ storageSummary.folderCount }}</strong>
+      </article>
+      <article class="metric-card">
+        <h3>Usage</h3>
+        <strong>{{ Math.round(storageSummary.storagePercentage) }}%</strong>
+      </article>
+    </div>
+
+    <div class="trend-card" v-if="usageTrend.length">
+      <h3>7-Day Storage Trend</h3>
+      <div class="trend-bars">
+        <div v-for="point in usageTrend" :key="point.date" class="bar-item">
+          <div class="bar-track"><div class="bar-fill" :style="{ height: `${Math.max(6, (point.used / (usageTrend[usageTrend.length - 1].used || 1)) * 100)}%` }" /></div>
+          <small>{{ point.date.slice(5) }}</small>
+        </div>
       </div>
-      <!-- More stats can be added here -->
     </div>
-    <div v-else class="error">
-      Could not load statistics.
+
+    <div class="grid">
+      <article class="card">
+        <h3>User Management</h3>
+        <div class="table-list">
+          <div v-for="user in adminUsers" :key="user.userId" class="table-row">
+            <div>
+              <strong>{{ user.username }}</strong>
+              <small>{{ user.email }}</small>
+            </div>
+            <button
+              class="status-btn"
+              :class="{ suspended: user.status === 'suspended' }"
+              @click="handleUpdateUserStatus(user, user.status === 'active' ? 'suspended' : 'active')"
+            >
+              {{ user.status === 'active' ? 'Suspend' : 'Activate' }}
+            </button>
+          </div>
+        </div>
+      </article>
+
+      <article class="card">
+        <h3>Recent Logs</h3>
+        <div class="table-list">
+          <div v-for="log in logs" :key="log.id" class="table-row">
+            <div>
+              <strong>{{ log.operationName }}</strong>
+              <small>{{ new Date(log.performedAt).toLocaleString() }}</small>
+            </div>
+            <span class="muted">{{ log.ipAddress }}</span>
+          </div>
+        </div>
+      </article>
+
+      <article class="card">
+        <h3>Share Links</h3>
+        <div class="table-list">
+          <div v-for="share in shares" :key="share.shareId" class="table-row">
+            <div>
+              <strong>{{ share.itemInfo.name }}</strong>
+              <small>{{ share.shareLink }}</small>
+            </div>
+            <button class="danger-btn" @click="handleDeleteShare(share)">Delete</button>
+          </div>
+        </div>
+      </article>
+
+      <article class="card">
+        <h3>Violation Queue</h3>
+        <div class="table-list">
+          <div v-for="item in violations" :key="item.id" class="table-row">
+            <div>
+              <strong>{{ item.fileName }}</strong>
+              <small>{{ item.type }} · {{ item.level }}</small>
+            </div>
+            <button class="status-btn" @click="handleResolveViolation(item.id)">Resolve</button>
+          </div>
+        </div>
+      </article>
+
+      <article class="card span-2">
+        <h3>Send Notification</h3>
+        <div class="notice-form">
+          <textarea v-model="noticeText" placeholder="Enter a system notification for users" rows="3" />
+          <button class="refresh-btn" @click="sendNotice">Send</button>
+        </div>
+        <div class="table-list">
+          <div v-for="notice in notifications" :key="notice.id" class="table-row">
+            <div>
+              <strong>{{ notice.message }}</strong>
+              <small>{{ new Date(notice.createdAt).toLocaleString() }}</small>
+            </div>
+            <span class="badge" :class="{ read: notice.isRead }">{{ notice.isRead ? 'Read' : 'Unread' }}</span>
+          </div>
+        </div>
+      </article>
     </div>
-  </div>
+  </section>
 </template>
 
 <style scoped>
-.dashboard-page h2 {
-  margin-bottom: var(--spacing-lg);
+.dashboard-page {
+  display: flex;
+  flex-direction: column;
+  gap: var(--spacing-md);
+}
+
+.page-header {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  gap: var(--spacing-md);
+  flex-wrap: wrap;
 }
-.stats-grid {
+
+.page-header p {
+  margin: 4px 0 0;
+  color: var(--color-text-secondary);
+}
+
+.refresh-btn,
+.status-btn,
+.danger-btn {
+  height: 34px;
+  border-radius: 8px;
+  border: 1px solid transparent;
+  padding: 0 12px;
+  cursor: pointer;
+}
+
+.refresh-btn,
+.status-btn {
+  background-color: var(--color-bg-primary);
+  border-color: var(--color-border);
+}
+
+.danger-btn,
+.status-btn.suspended {
+  background-color: var(--color-danger-light);
+  border-color: #fca5a5;
+  color: var(--color-danger-dark);
+}
+
+.metrics {
   display: grid;
-  grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
-  gap: var(--spacing-lg);
+  grid-template-columns: repeat(auto-fit, minmax(180px, 1fr));
+  gap: var(--spacing-sm);
 }
-.stat-card {
+
+.metric-card {
+  border: 1px solid var(--color-border);
+  border-radius: 10px;
   background-color: var(--color-bg-secondary);
-  padding: var(--spacing-lg);
-  border-radius: var(--border-radius-md);
-  box-shadow: var(--shadow-sm);
+  padding: 12px;
 }
-.stat-card h4 {
-  margin-bottom: var(--spacing-sm);
-  color: var(--color-text-secondary);
+
+.metric-card h3 {
+  margin: 0 0 8px;
+  font-size: 13px;
+  color: var(--color-text-tertiary);
+}
+
+.metric-card strong {
+  font-size: 24px;
+}
+
+.metric-card small {
+  color: var(--color-text-tertiary);
+}
+
+.trend-card {
+  border: 1px solid var(--color-border);
+  border-radius: 10px;
+  background-color: var(--color-bg-secondary);
+  padding: 12px;
+}
+
+.trend-card h3 {
+  margin-bottom: 10px;
+}
+
+.trend-bars {
+  height: 140px;
+  display: grid;
+  grid-template-columns: repeat(auto-fit, minmax(56px, 1fr));
+  gap: 8px;
 }
-.stat-card p {
-  font-size: 1.5rem;
-  font-weight: var(--font-weight-semibold);
-  margin: 0;
+
+.bar-item {
+  display: flex;
+  flex-direction: column;
+  justify-content: flex-end;
+  align-items: center;
+  gap: 6px;
 }
-.stat-card progress {
+
+.bar-track {
+  width: 28px;
+  height: 100%;
+  border-radius: 999px;
+  background-color: var(--color-bg-tertiary);
+  display: flex;
+  align-items: flex-end;
+  overflow: hidden;
+}
+
+.bar-fill {
   width: 100%;
-  margin-top: var(--spacing-md);
+  border-radius: inherit;
+  background: linear-gradient(180deg, #4ea8ff, var(--color-primary));
+}
+
+.grid {
+  display: grid;
+  grid-template-columns: repeat(2, minmax(0, 1fr));
+  gap: var(--spacing-sm);
+}
+
+.card {
+  border: 1px solid var(--color-border);
+  border-radius: 10px;
+  background-color: var(--color-bg-secondary);
+  padding: 12px;
+}
+
+.card h3 {
+  margin: 0 0 10px;
+}
+
+.span-2 {
+  grid-column: span 2;
+}
+
+.table-list {
+  display: flex;
+  flex-direction: column;
+  gap: 8px;
+}
+
+.table-row {
+  display: flex;
+  justify-content: space-between;
+  gap: 12px;
+  align-items: center;
+  border: 1px solid var(--color-border);
+  border-radius: 8px;
+  background-color: var(--color-bg-primary);
+  padding: 8px;
+}
+
+.table-row > div {
+  min-width: 0;
+  display: flex;
+  flex-direction: column;
+}
+
+.table-row strong,
+.table-row small,
+.table-row span,
+.table-row code {
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
+}
+
+.table-row small,
+.muted {
+  color: var(--color-text-tertiary);
+}
+
+.notice-form {
+  display: flex;
+  gap: 10px;
+  margin-bottom: 10px;
+}
+
+.notice-form textarea {
+  flex: 1;
+  border: 1px solid var(--color-border);
+  border-radius: 8px;
+  background-color: var(--color-bg-primary);
+  padding: 8px;
+  resize: vertical;
+  min-height: 72px;
+}
+
+.badge {
+  font-size: 12px;
+  padding: 3px 8px;
+  border-radius: 999px;
+  background-color: #fde68a;
+}
+
+.badge.read {
+  background-color: #bbf7d0;
+}
+
+@media (max-width: 980px) {
+  .grid {
+    grid-template-columns: 1fr;
+  }
+
+  .span-2 {
+    grid-column: span 1;
+  }
+
+  .notice-form {
+    flex-direction: column;
+  }
 }
-</style> 
\ No newline at end of file
+</style>
diff --git a/web/src/pages/files/MyFiles.vue b/web/src/pages/files/MyFiles.vue
index 7909574..3cb77ef 100644
--- a/web/src/pages/files/MyFiles.vue
+++ b/web/src/pages/files/MyFiles.vue
@@ -1,5 +1,5 @@
 <script setup lang="ts">
-import { onMounted, ref, onUnmounted, computed } from 'vue';
+import { computed, onMounted, onUnmounted, ref, watch } from 'vue';
 import { storeToRefs } from 'pinia';
 import { useFileStore } from '../../store/file';
 import { useFileSelection } from '../../composables/useFileSelection';
@@ -7,198 +7,218 @@ import { useFileActions } from '../../composables/useFileActions';
 import { useBatchActions } from '../../composables/useBatchActions';
 import { useUpload } from '../../composables/useUpload';
 import { useFileSorting } from '../../composables/useFileSorting';
+import { toggleFileStar } from '../../api/file';
+import { toggleFolderStar } from '../../api/folder';
 import Breadcrumb from '../../components/common/Breadcrumb.vue';
 import DropdownMenu from '../../components/common/DropdownMenu.vue';
 import MoveItemDialog from '../../components/common/MoveItemDialog.vue';
 import ShareDialog from '../../components/common/ShareDialog.vue';
-import type { FolderItem, FileItem, ContentItem } from '../../types/file';
 import { eventBus } from '../../utils/eventBus';
 import { getIconForFile } from '../../utils/fileIcons';
+import type { ContentItem, FileItem, FolderItem } from '../../types/file';
 
 const fileStore = useFileStore();
 const { items, path, isLoading, currentFolderId } = storeToRefs(fileStore);
 const fileInput = ref<HTMLInputElement | null>(null);
 
-// 搜索相关状态
 const searchQuery = ref('');
 const isSearching = ref(false);
 const searchResults = ref<ContentItem[]>([]);
 
-// --- Composables ---
-const { selectedItems, isSelected, toggleSelection, selectedCount, clearSelection } = useFileSelection();
-const { 
-  renamingItemId, renameInputValue, renameInput,
-  itemToMove, isMoveDialogVisible, itemToShare, isShareDialogVisible,
-  startRename, cancelRename, finishRename, handleDelete, 
-  startMove, closeMoveDialog, handleMoveConfirm,
-  /* startShare, */ handleDownload, handleCreateFolder, handleBatchMove
+const {
+  selectedItems,
+  isSelected,
+  toggleSelection,
+  selectedCount,
+  clearSelection,
+} = useFileSelection();
+
+const {
+  renamingItemId,
+  renameInputValue,
+  renameInput,
+  itemToMove,
+  isMoveDialogVisible,
+  itemToShare,
+  isShareDialogVisible,
+  startRename,
+  cancelRename,
+  finishRename,
+  handleDelete,
+  handleDownload,
+  handleCreateFolder,
+  startMove,
+  closeMoveDialog,
+  handleMoveConfirm,
+  startShare,
+  handleBatchMove,
 } = useFileActions(currentFolderId);
+
 const { handleBatchDownload, handleBatchDelete } = useBatchActions(selectedItems, clearSelection);
+
 const {
-  uploadTasks, isDragging, handleDragEnter, handleDragLeave,
-  handleDragOver, handleDrop, handleFileSelect
+  uploadTasks,
+  isDragging,
+  handleDragEnter,
+  handleDragLeave,
+  handleDragOver,
+  handleDrop,
+  handleFileSelect,
 } = useUpload(currentFolderId);
-const { sortedItems, setSort } = useFileSorting(items);
 
-// 显示的项目列表（根据是否在搜索状态决定显示什么）
-const displayItems = computed(() => {
-  let sourceItems;
-  if (isSearching.value) {
-    sourceItems = [...searchResults.value].sort((a, b) => a.name.localeCompare(b.name));
-  } else {
-    sourceItems = sortedItems.value;
-  }
-  
-  return sourceItems;
-});
+const { sortedItems, setSort, sortKey, sortDirection } = useFileSorting(items);
 
+const viewMode = ref<'grid' | 'list'>((localStorage.getItem('fileflash-view-mode') as 'grid' | 'list') || 'grid');
 
-// --- Component Logic ---
-onMounted(() => {
-  fileStore.fetchFolderContents('root');
-  eventBus.on('move-items', handleSidebarMove);
-  eventBus.on('search-files', handleSearch);
+watch(viewMode, (value) => {
+  localStorage.setItem('fileflash-view-mode', value);
 });
 
-onUnmounted(() => {
-  eventBus.off('move-items', handleSidebarMove);
-  eventBus.off('search-files', handleSearch);
+const displayItems = computed(() => {
+  if (isSearching.value) {
+    return [...searchResults.value].sort((a, b) => a.name.localeCompare(b.name));
+  }
+  return sortedItems.value;
 });
 
-const handleSidebarMove = ({ sourceItemIds, targetFolderId, targetFolderName }: { sourceItemIds: string[], targetFolderId: string, targetFolderName: string }) => {
-  if (confirm(`Are you sure you want to move ${sourceItemIds.length} item(s) to "${targetFolderName}"?`)) {
-    handleBatchMove(sourceItemIds, targetFolderId);
-  }
+const handleSidebarMove = ({ sourceItemIds, targetFolderId, targetFolderName }: { sourceItemIds: string[]; targetFolderId: string; targetFolderName: string }) => {
+  const canMove = window.confirm(`Move ${sourceItemIds.length} item(s) to \"${targetFolderName}\"?`);
+  if (!canMove) return;
+  handleBatchMove(sourceItemIds, targetFolderId);
 };
 
 const handleSearch = async ({ query }: { query: string }) => {
   searchQuery.value = query;
-  
+
   if (!query) {
-    // 如果搜索查询为空，恢复正常的文件夹视图
     isSearching.value = false;
     searchResults.value = [];
     return;
   }
-  
+
   isSearching.value = true;
   try {
-    // 使用当前文件夹进行搜索
-    const response = await fileStore.searchInFolder(currentFolderId.value || 'root', query);
-    searchResults.value = response;
-  } catch (error) {
-    console.error('Search failed:', error);
+    searchResults.value = await fileStore.searchInFolder(currentFolderId.value || 'root', query);
+  } catch {
     searchResults.value = [];
   }
 };
 
 const triggerFileInput = () => fileInput.value?.click();
 
-const handleBreadcrumbNavigation = (folderId: string) => {
-  // 清除搜索状态当通过面包屑导航时
-  if (isSearching.value) {
-    isSearching.value = false;
-    searchQuery.value = '';
-    searchResults.value = [];
-  }
+const navigateByBreadcrumb = (folderId: string) => {
+  isSearching.value = false;
+  searchQuery.value = '';
+  searchResults.value = [];
   fileStore.navigateToFolder(folderId);
 };
 
-const handleBreadcrumbDrop = ({ sourceItemIds, targetFolderId }: { sourceItemIds: string[], targetFolderId: string }) => {
-  const filesToMove = fileStore.items.filter(i => sourceItemIds.includes(i.id));
-  const targetFolder = fileStore.path.find(p => p.folderId === targetFolderId);
-
-  if (!targetFolder) return;
-  
-  if (confirm(`Are you sure you want to move ${filesToMove.length} item(s) to "${targetFolder.name}"?`)) {
-    handleBatchMove(sourceItemIds, targetFolderId);
-  }
+const handleBreadcrumbDrop = ({ sourceItemIds, targetFolderId }: { sourceItemIds: string[]; targetFolderId: string }) => {
+  const canMove = window.confirm(`Move ${sourceItemIds.length} item(s) to this folder?`);
+  if (!canMove) return;
+  handleBatchMove(sourceItemIds, targetFolderId);
 };
 
 const handleItemClick = (item: ContentItem) => {
   if (renamingItemId.value === item.id) return;
-  
+
   if (item.itemType === 'folder') {
-    // 清除搜索状态当导航到文件夹时
-    if (isSearching.value) {
-      isSearching.value = false;
-      searchQuery.value = '';
-      searchResults.value = [];
-    }
+    isSearching.value = false;
+    searchQuery.value = '';
+    searchResults.value = [];
     fileStore.navigateToFolder(item.id);
-  } else {
-    // A regular click on a file now selects it for preview
-    fileStore.selectedFile = item;
+    return;
   }
+
+  fileStore.selectedFile = item;
 };
 
 const handleDragItemStart = (e: DragEvent, item: ContentItem) => {
-  if (e.dataTransfer) {
-    // If the dragged item is part of a selection, drag all selected items
-    const itemsToDrag = isSelected(item.id) 
-      ? Array.from(selectedItems.value) 
-      : [item.id];
-
-    e.dataTransfer.setData('application/fileflash-item-ids', JSON.stringify(itemsToDrag));
-    e.dataTransfer.effectAllowed = 'move';
-  }
+  if (!e.dataTransfer) return;
+  const ids = isSelected(item.id) ? Array.from(selectedItems.value) : [item.id];
+  e.dataTransfer.setData('application/fileflash-item-ids', JSON.stringify(ids));
+  e.dataTransfer.effectAllowed = 'move';
 };
 
-const handleFolderDrop = (e: DragEvent, targetFolder: FolderItem) => {
+const handleFolderDrop = (e: DragEvent, folder: FolderItem) => {
   e.preventDefault();
-  e.stopPropagation();
-  const sourceItemIdsJSON = e.dataTransfer?.getData('application/fileflash-item-ids');
-  if (!sourceItemIdsJSON) return;
-  
-  const sourceItemIds = JSON.parse(sourceItemIdsJSON);
-  
-  // Prevent dropping a folder into itself
-  if (sourceItemIds.includes(targetFolder.id)) return;
-
-  const filesToMove = fileStore.items.filter(i => sourceItemIds.includes(i.id));
-
-  if (confirm(`Are you sure you want to move ${filesToMove.length} item(s) into "${targetFolder.name}"?`)) {
-    handleBatchMove(sourceItemIds, targetFolder.id);
+  const raw = e.dataTransfer?.getData('application/fileflash-item-ids');
+  if (!raw) return;
+
+  const sourceIds: string[] = JSON.parse(raw);
+  if (sourceIds.includes(folder.id)) return;
+
+  const canMove = window.confirm(`Move ${sourceIds.length} item(s) into \"${folder.name}\"?`);
+  if (!canMove) return;
+
+  handleBatchMove(sourceIds, folder.id);
+};
+
+const handleToggleStar = async (item: ContentItem) => {
+  const targetValue = !Boolean(item.isStarred);
+
+  try {
+    if (item.itemType === 'file') {
+      await toggleFileStar(item.id, targetValue);
+    } else {
+      await toggleFolderStar(item.id, targetValue);
+    }
+
+    const target = fileStore.items.find((entry) => entry.id === item.id);
+    if (target) target.isStarred = targetValue;
+  } catch (error) {
+    console.error('Failed to update star status', error);
   }
 };
 
-type ViewMode = 'grid' | 'list';
-const viewMode = ref<ViewMode>('grid');
+const clearSearch = () => {
+  handleSearch({ query: '' });
+};
+
+onMounted(() => {
+  fileStore.fetchFolderContents('root');
+  eventBus.on('move-items', handleSidebarMove);
+  eventBus.on('search-files', handleSearch);
+});
 
+onUnmounted(() => {
+  eventBus.off('move-items', handleSidebarMove);
+  eventBus.off('search-files', handleSearch);
+});
 </script>
 
 <template>
   <div class="my-files-page">
-    <input type="file" ref="fileInput" @change="handleFileSelect" style="display: none" multiple />
+    <input ref="fileInput" type="file" style="display: none" multiple @change="handleFileSelect" />
+
     <header class="page-header">
       <div class="header-left">
-        <Breadcrumb 
-          :path="path" 
-          @navigate="handleBreadcrumbNavigation"
-          @drop-on-folder="handleBreadcrumbDrop"
-        />
-        <div v-if="isSearching" class="search-indicator">
-          <span class="search-icon">🔍</span>
-          <span>搜索结果: "{{ searchQuery }}"</span>
-          <button @click="handleSearch({ query: '' })" class="clear-search-btn">✕</button>
+        <Breadcrumb :path="path" @navigate="navigateByBreadcrumb" @drop-on-folder="handleBreadcrumbDrop" />
+
+        <div v-if="isSearching" class="search-tag">
+          <span>Search: "{{ searchQuery }}"</span>
+          <button class="text-btn" @click="clearSearch">Clear</button>
         </div>
       </div>
+
       <div class="header-actions">
         <div v-if="selectedCount > 0" class="batch-actions">
           <span>{{ selectedCount }} selected</span>
-          <button @click="handleBatchDownload" class="batch-action-btn">Download</button>
-          <button @click="handleBatchDelete" class="batch-action-btn danger">Delete</button>
+          <button class="secondary-btn" @click="handleBatchDownload">Download</button>
+          <button class="danger-btn" @click="handleBatchDelete">Delete</button>
         </div>
-        <div class="view-switcher">
-          <button @click="viewMode = 'grid'" :class="{ active: viewMode === 'grid' }">Grid</button>
-          <button @click="viewMode = 'list'" :class="{ active: viewMode === 'list' }">List</button>
+
+        <div class="view-switcher" role="tablist" aria-label="View mode">
+          <button :class="{ active: viewMode === 'grid' }" @click="viewMode = 'grid'">Grid</button>
+          <button :class="{ active: viewMode === 'list' }" @click="viewMode = 'list'">List</button>
         </div>
-        <button class="action-btn" @click="handleCreateFolder">
-          <span>+ New Folder</span>
-        </button>
-        <button class="upload-btn" @click="triggerFileInput">
-          <span>⬆️ Upload</span>
+
+        <button class="secondary-btn" @click="setSort('name')">
+          Sort: {{ sortKey }} {{ sortDirection === 'asc' ? '↑' : '↓' }}
         </button>
+
+        <button class="secondary-btn" @click="handleCreateFolder">New Folder</button>
+        <button class="primary-btn" @click="triggerFileInput">Upload</button>
       </div>
     </header>
 
@@ -209,711 +229,551 @@ const viewMode = ref<ViewMode>('grid');
       @confirm="handleMoveConfirm"
     />
 
-    <ShareDialog
-      :is-visible="isShareDialogVisible"
-      :item-to-share="itemToShare"
-      @close="isShareDialogVisible = false"
-    />
+    <ShareDialog :is-visible="isShareDialogVisible" :item-to-share="itemToShare" @close="isShareDialogVisible = false" />
 
-    <!-- Upload Progress Section -->
-    <div v-if="uploadTasks.length > 0" class="upload-progress-area">
-      <h4>Uploading...</h4>
+    <div v-if="uploadTasks.length" class="upload-progress-area">
+      <h4>Upload Queue</h4>
       <div v-for="task in uploadTasks" :key="task.id" class="upload-task">
         <span class="task-name">{{ task.name }}</span>
-        <div class="progress-bar-container">
-          <div 
-            class="progress-bar" 
-            :style="{ width: task.progress.percentage + '%' }"
-          ></div>
-        </div>
-        <span class="task-percentage">{{ task.progress.percentage }}%</span>
+        <div class="progress-track"><div class="progress-fill" :style="{ width: `${task.progress.percentage}%` }" /></div>
+        <span class="task-percent">{{ task.progress.percentage }}%</span>
       </div>
     </div>
-    
-    <div 
-      class="file-display-area"
-      @dragenter="handleDragEnter"
-      @dragover="handleDragOver"
-      @dragleave="handleDragLeave"
-      @drop="handleDrop"
-    >
-      <!-- Drag and Drop Overlay -->
+
+    <div class="file-display-area" @dragenter="handleDragEnter" @dragover="handleDragOver" @dragleave="handleDragLeave" @drop="handleDrop">
       <div v-if="isDragging" class="drag-overlay">
         <div class="drag-overlay-content">
-          <span>⬆️</span>
-          <p>Drop files here to upload</p>
+          <svg viewBox="0 0 24 24" aria-hidden="true"><path d="M12 3v12m0-12l4 4m-4-4l-4 4M4 15v5h16v-5" /></svg>
+          <p>Drop files to upload</p>
         </div>
       </div>
 
-      <!-- 加载状态 -->
-      <div v-if="isLoading" class="loading-indicator">
-        Loading...
-      </div>
-      
-      <!-- 搜索结果为空的状态 -->
-      <div v-else-if="isSearching && searchResults.length === 0" class="empty-search-state">
-        <div class="empty-content">
-          <span class="empty-icon">🔍</span>
-          <h3>未找到匹配的文件</h3>
-          <p>尝试使用不同的关键词进行搜索</p>
-        </div>
-      </div>
-      
-      <!-- 空文件夹状态 -->
-      <div v-else-if="!isSearching && displayItems.length === 0" class="empty-folder-state">
-        <div class="empty-content">
-          <span class="empty-icon">📁</span>
-          <h3>文件夹为空</h3>
-          <p>点击上传按钮添加文件，或创建新文件夹</p>
-        </div>
-      </div>
-      <!-- List View -->
-      <div v-if="viewMode === 'list' && !isLoading" class="file-list">
-       <!-- List Header -->
-      <div class="list-header">
-        <div class="list-cell select-all"></div>
-        <button class="list-cell name" @click="setSort('name')">Name</button>
-        <button class="list-cell size" @click="setSort('size')">Size</button>
-        <button class="list-cell modified" @click="setSort('updatedAt')">Last Modified</button>
-        <div class="list-cell actions"></div>
+      <div v-if="isLoading" class="state">Loading...</div>
+
+      <div v-else-if="displayItems.length === 0" class="state">
+        <p v-if="isSearching">No matching result.</p>
+        <p v-else>This folder is empty. Upload files or create a folder.</p>
       </div>
-      <!-- List Body -->
-      <div 
-        v-for="(item, index) in displayItems" 
-        :key="`list-${item.id}-${index}`"
-        class="list-item"
-        :class="{ 'checkbox-selected': isSelected(item.id) }"
-        @click="handleItemClick(item)"
-        draggable="true"
-        @dragstart="handleDragItemStart($event, item)"
-        @drop.prevent="item.itemType === 'folder' && handleFolderDrop($event, item as FolderItem)"
-        @dragover.prevent="item.itemType === 'folder' && $event.dataTransfer && ($event.dataTransfer.dropEffect = 'move')"
-      >
-        <div class="list-cell select-cell" @click.stop>
-          <input 
-            type="checkbox" 
-            :checked="isSelected(item.id)"
-            @change.stop="toggleSelection(item.id)"
-            class="list-checkbox"
-          />
-        </div>
-        <div class="list-cell name-cell">
-          <img v-if="item.itemType === 'folder'" src="../../assets/generic/folder.svg" alt="" class="item-icon-small" />
-          <img v-else :src="getIconForFile(item.name)" alt="" class="item-icon-small" />
-          <span v-if="renamingItemId !== item.id" class="item-name">{{ item.name }}</span>
-          <input 
-            v-else
-            ref="renameInput"
-            v-model="renameInputValue"
-            class="rename-input"
-            @blur="finishRename"
-            @keydown.enter.prevent="finishRename"
-            @keydown.esc.prevent="cancelRename"
-          />
+
+      <div v-else-if="viewMode === 'list'" class="file-list">
+        <div class="list-header">
+          <div class="col checkbox" />
+          <button class="col name" @click="setSort('name')">Name</button>
+          <button class="col size" @click="setSort('size')">Size</button>
+          <button class="col time" @click="setSort('updatedAt')">Updated</button>
+          <div class="col actions" />
         </div>
-        <div class="list-cell size-cell">{{ item.size ? (item.size / 1024).toFixed(1) + ' KB' : '--' }}</div>
-        <div class="list-cell modified-cell">{{ new Date(item.updatedAt).toLocaleDateString() }}</div>
-        <div class="list-cell actions-cell" @click.stop>
-          <DropdownMenu>
-            <template #trigger>
-              <button class="kebab-btn"><span>⋮</span></button>
-            </template>
-            <template #content>
-               <div class="dropdown-content">
-                <button v-if="item.itemType === 'file'" @click="handleDownload(item as FileItem)" class="dropdown-item">
-                  <span class="dropdown-item-icon">⬇️</span>
-                  <span>Download</span>
-                </button>
-                <template v-if="!item.permission || item.permission === 'owner' || item.permission === 'write'">
-                  <button @click="startRename(item)" class="dropdown-item">
-                    <span class="dropdown-item-icon">✏️</span>
-                    <span>Rename</span>
-                  </button>
-                  <button @click="startMove(item)" class="dropdown-item">
-                    <span class="dropdown-item-icon">➡️</span>
-                    <span>Move</span>
-                  </button>
-                </template>
-                <!-- Share功能暂时禁用 - 后端未实现
-                <button @click="startShare(item)" class="dropdown-item">
-                  <span class="dropdown-item-icon">🤝</span>
-                  <span>Share</span>
-                </button>
-                -->
-                <button v-if="!item.permission || item.permission === 'owner' || item.permission === 'write'" @click="handleDelete(item)" class="dropdown-item danger">
-                  <span class="dropdown-item-icon">🗑️</span>
-                  <span>Delete</span>
-                </button>
-              </div>
-            </template>
-          </DropdownMenu>
+
+        <div
+          v-for="item in displayItems"
+          :key="`list-${item.id}`"
+          class="list-row"
+          :class="{ selected: isSelected(item.id) }"
+          draggable="true"
+          @dragstart="handleDragItemStart($event, item)"
+          @click="handleItemClick(item)"
+          @drop.prevent="item.itemType === 'folder' && handleFolderDrop($event, item as FolderItem)"
+          @dragover.prevent
+        >
+          <div class="col checkbox" @click.stop>
+            <input type="checkbox" :checked="isSelected(item.id)" @change.stop="toggleSelection(item.id)" />
+          </div>
+
+          <div class="col name name-cell">
+            <img v-if="item.itemType === 'folder'" src="../../assets/generic/folder.svg" alt="Folder" class="icon" />
+            <img v-else :src="getIconForFile(item.name)" alt="File" class="icon" />
+
+            <input
+              v-if="renamingItemId === item.id"
+              ref="renameInput"
+              v-model="renameInputValue"
+              class="rename-input"
+              @blur="finishRename"
+              @keydown.enter.prevent="finishRename"
+              @keydown.esc.prevent="cancelRename"
+            />
+            <span v-else>{{ item.name }}</span>
+
+            <button class="star-btn" :class="{ active: item.isStarred }" @click.stop="handleToggleStar(item)">`r`n              Star`r`n            </button>
+          </div>
+
+          <div class="col size">{{ item.itemType === 'file' ? `${(item.size / 1024).toFixed(1)} KB` : '--' }}</div>
+          <div class="col time">{{ new Date(item.updatedAt).toLocaleString() }}</div>
+
+          <div class="col actions" @click.stop>
+            <DropdownMenu>
+              <template #trigger>
+                <button class="menu-btn">...</button>
+              </template>
+              <template #content>
+                <div class="item-menu">
+                  <button v-if="item.itemType === 'file'" @click="handleDownload(item as FileItem)">Download</button>
+                  <button @click="startRename(item)">Rename</button>
+                  <button @click="startMove(item)">Move</button>
+                  <button @click="startShare(item)">Share</button>
+                  <button @click="handleToggleStar(item)">{{ item.isStarred ? 'Unstar' : 'Star' }}</button>
+                  <button class="danger" @click="handleDelete(item)">Delete</button>
+                </div>
+              </template>
+            </DropdownMenu>
+          </div>
         </div>
       </div>
-    </div>
-    
-    <!-- Grid View -->
-    <div v-if="viewMode === 'grid' && !isLoading" class="file-grid">
-      <div 
-        v-for="(item, index) in displayItems" 
-        :key="`grid-${item.id}-${index}`"
-        class="grid-item"
-        :class="{ 'checkbox-selected': isSelected(item.id) }"
-        @click="handleItemClick(item)"
-        draggable="true"
-        @dragstart="handleDragItemStart($event, item)"
-        @drop.prevent="item.itemType === 'folder' && handleFolderDrop($event, item as FolderItem)"
-        @dragover.prevent="item.itemType === 'folder' && $event.dataTransfer && ($event.dataTransfer.dropEffect = 'move')"
-      >
-        <div class="checkbox-container" :class="{ 'always-visible': isSelected(item.id) }" @click.stop>
-          <input 
-            type="checkbox" 
-            class="item-checkbox" 
-            :checked="isSelected(item.id)"
-            @change.stop="toggleSelection(item.id)"
-          />
-        </div>
-        <img v-if="item.itemType === 'folder'" src="../../assets/generic/folder.svg" alt="Folder" class="item-icon" />
-        <img v-else :src="getIconForFile(item.name)" alt="File" class="item-icon" />
-        <div class="item-name-wrapper">
-          <span v-if="renamingItemId !== item.id" class="item-name">{{ item.name }}</span>
-          <input
-            v-else
-            ref="renameInput"
-            v-model="renameInputValue"
-            class="rename-input"
-            @blur="finishRename"
-            @keydown.enter.prevent="finishRename"
-            @keydown.esc.prevent="cancelRename"
-          />
-        </div>
-        
-        <div class="item-actions" @click.stop>
-          <DropdownMenu>
-            <template #trigger>
-              <button class="kebab-btn">
-                <span>⋮</span>
-              </button>
-            </template>
-            <template #content>
-              <div class="dropdown-content">
-                 <button v-if="item.itemType === 'file'" @click="handleDownload(item as FileItem)" class="dropdown-item">
-                  <span class="dropdown-item-icon">⬇️</span>
-                  <span>Download</span>
-                </button>
-                <template v-if="!item.permission || item.permission === 'owner' || item.permission === 'write'">
-                  <button @click="startRename(item)" class="dropdown-item">
-                    <span class="dropdown-item-icon">✏️</span>
-                    <span>Rename</span>
-                  </button>
-                  <button @click="startMove(item)" class="dropdown-item">
-                    <span class="dropdown-item-icon">➡️</span>
-                    <span>Move</span>
-                  </button>
-                </template>
-                 <!-- Share功能暂时禁用 - 后端未实现
-                 <button @click="startShare(item)" class="dropdown-item">
-                  <span class="dropdown-item-icon">🤝</span>
-                  <span>Share</span>
-                </button>
-                -->
-                <button v-if="!item.permission || item.permission === 'owner' || item.permission === 'write'" @click="handleDelete(item)" class="dropdown-item danger">
-                  <span class="dropdown-item-icon">🗑️</span>
-                  <span>Delete</span>
-                </button>
-              </div>
-            </template>
-          </DropdownMenu>
+
+      <div v-else class="file-grid">
+        <div
+          v-for="item in displayItems"
+          :key="`grid-${item.id}`"
+          class="grid-card"
+          :class="{ selected: isSelected(item.id) }"
+          draggable="true"
+          @dragstart="handleDragItemStart($event, item)"
+          @click="handleItemClick(item)"
+          @drop.prevent="item.itemType === 'folder' && handleFolderDrop($event, item as FolderItem)"
+          @dragover.prevent
+        >
+          <div class="grid-check" @click.stop>
+            <input type="checkbox" :checked="isSelected(item.id)" @change.stop="toggleSelection(item.id)" />
+          </div>
+
+          <button class="star-btn floating" :class="{ active: item.isStarred }" @click.stop="handleToggleStar(item)">Star</button>
+
+          <img v-if="item.itemType === 'folder'" src="../../assets/generic/folder.svg" alt="Folder" class="grid-icon" />
+          <img v-else :src="getIconForFile(item.name)" alt="File" class="grid-icon" />
+
+          <div class="grid-name">
+            <input
+              v-if="renamingItemId === item.id"
+              ref="renameInput"
+              v-model="renameInputValue"
+              class="rename-input"
+              @blur="finishRename"
+              @keydown.enter.prevent="finishRename"
+              @keydown.esc.prevent="cancelRename"
+            />
+            <span v-else>{{ item.name }}</span>
+          </div>
+
+          <div class="grid-actions" @click.stop>
+            <DropdownMenu>
+              <template #trigger>
+                <button class="menu-btn">...</button>
+              </template>
+              <template #content>
+                <div class="item-menu">
+                  <button v-if="item.itemType === 'file'" @click="handleDownload(item as FileItem)">Download</button>
+                  <button @click="startRename(item)">Rename</button>
+                  <button @click="startMove(item)">Move</button>
+                  <button @click="startShare(item)">Share</button>
+                  <button @click="handleToggleStar(item)">{{ item.isStarred ? 'Unstar' : 'Star' }}</button>
+                  <button class="danger" @click="handleDelete(item)">Delete</button>
+                </div>
+              </template>
+            </DropdownMenu>
+          </div>
         </div>
       </div>
     </div>
-    </div>
   </div>
 </template>
 
 <style scoped>
-/* Styles are mostly the same, just adjusted the header */
 .my-files-page {
-  padding: var(--spacing-lg);
   display: flex;
   flex-direction: column;
+  gap: var(--spacing-md);
   height: 100%;
 }
+
 .page-header {
   display: flex;
   justify-content: space-between;
-  align-items: center;
-  margin-bottom: var(--spacing-lg);
-  flex-shrink: 0;
   gap: var(--spacing-md);
+  flex-wrap: wrap;
 }
 
 .header-left {
+  min-width: 0;
   display: flex;
   flex-direction: column;
   gap: var(--spacing-sm);
 }
 
-.search-indicator {
+.header-actions {
   display: flex;
   align-items: center;
   gap: var(--spacing-sm);
-  padding: var(--spacing-xs) var(--spacing-sm);
-  background-color: var(--color-primary-light);
-  border-radius: var(--border-radius-md);
-  font-size: 0.875rem;
-  color: var(--color-primary-dark);
+  flex-wrap: wrap;
+  justify-content: flex-end;
 }
 
-.search-icon {
-  font-size: 1rem;
+.search-tag {
+  display: inline-flex;
+  align-items: center;
+  gap: var(--spacing-sm);
+  background-color: var(--color-bg-tertiary);
+  border: 1px solid var(--color-border);
+  border-radius: 999px;
+  padding: 4px 10px;
+  color: var(--color-text-secondary);
 }
 
-.clear-search-btn {
-  background: none;
-  border: none;
-  color: var(--color-primary-dark);
+.text-btn,
+.primary-btn,
+.secondary-btn,
+.danger-btn {
+  height: 34px;
+  border-radius: 8px;
+  border: 1px solid transparent;
+  padding: 0 12px;
   cursor: pointer;
-  padding: 2px;
-  border-radius: 50%;
-  display: flex;
-  align-items: center;
-  justify-content: center;
-  width: 20px;
-  height: 20px;
-  font-size: 0.875rem;
-  transition: background-color var(--transition-base);
 }
 
-.clear-search-btn:hover {
-  background-color: rgba(var(--color-primary-rgb), 0.2);
+.text-btn,
+.secondary-btn {
+  background-color: var(--color-bg-primary);
+  border-color: var(--color-border);
 }
 
-.empty-search-state,
-.empty-folder-state {
-  flex-grow: 1;
-  display: flex;
-  align-items: center;
-  justify-content: center;
-  padding: var(--spacing-xl);
+.primary-btn {
+  background-color: var(--color-primary);
+  color: var(--color-text-on-primary);
 }
 
-.empty-content {
-  text-align: center;
-  color: var(--color-text-secondary);
+.danger-btn {
+  background-color: var(--color-danger-light);
+  border-color: #fca5a5;
+  color: var(--color-danger-dark);
 }
 
-.empty-icon {
-  font-size: 4rem;
-  margin-bottom: var(--spacing-lg);
-  opacity: 0.5;
+.batch-actions {
+  display: inline-flex;
+  align-items: center;
+  gap: var(--spacing-sm);
+  padding: 4px 8px;
+  background-color: var(--color-bg-tertiary);
+  border: 1px solid var(--color-border);
+  border-radius: 10px;
 }
 
-.empty-content h3 {
-  margin: 0 0 var(--spacing-md) 0;
-  font-size: 1.25rem;
-  font-weight: var(--font-weight-semibold);
+.view-switcher {
+  display: inline-flex;
+  border: 1px solid var(--color-border);
+  border-radius: 10px;
+  background-color: var(--color-bg-tertiary);
+  padding: 2px;
 }
 
-.empty-content p {
-  margin: 0;
-  font-size: 0.875rem;
-  opacity: 0.8;
+.view-switcher button {
+  width: 64px;
+  height: 30px;
+  border: none;
+  border-radius: 8px;
+  background: transparent;
+  cursor: pointer;
 }
-.header-actions {
-  display: flex;
-  align-items: center;
-  gap: var(--spacing-md);
+
+.view-switcher button.active {
+  background-color: var(--color-bg-primary);
+  box-shadow: var(--shadow-sm);
 }
-.batch-actions {
-  display: flex;
-  align-items: center;
-  gap: var(--spacing-sm);
-  padding: var(--spacing-xs) var(--spacing-sm);
+
+.upload-progress-area {
+  background-color: var(--color-bg-secondary);
   border: 1px solid var(--color-border);
   border-radius: var(--border-radius-md);
-  background-color: var(--color-bg-secondary);
-}
-.batch-actions span {
-  font-weight: var(--font-weight-medium);
-  color: var(--color-text-secondary);
+  padding: var(--spacing-md);
 }
-.batch-action-btn {
-  padding: var(--spacing-xs) var(--spacing-sm);
-  border-radius: var(--border-radius-sm);
-  border: 1px solid transparent;
-  background-color: transparent;
-  cursor: pointer;
-  transition: all var(--transition-base);
+
+.upload-progress-area h4 {
+  margin-bottom: var(--spacing-sm);
 }
-.batch-action-btn:hover {
-  background-color: var(--color-bg-tertiary);
-  border-color: var(--color-border-hover);
+
+.upload-task {
+  display: grid;
+  grid-template-columns: 220px 1fr 52px;
+  align-items: center;
+  gap: var(--spacing-sm);
+  margin-bottom: 8px;
 }
-.batch-action-btn.danger {
-  color: var(--color-danger);
+
+.task-name {
+  white-space: nowrap;
+  overflow: hidden;
+  text-overflow: ellipsis;
+  color: var(--color-text-secondary);
 }
-.batch-action-btn.danger:hover {
-  background-color: var(--color-danger-light);
-  color: var(--color-danger-dark);
-  border-color: var(--color-danger);
+
+.progress-track {
+  height: 8px;
+  border-radius: 999px;
+  background-color: var(--color-bg-quaternary);
+  overflow: hidden;
 }
 
-.action-btn {
-  background-color: var(--color-bg-secondary);
-  border: 1px solid var(--color-border);
-  border-radius: var(--border-radius-md);
-  padding: var(--spacing-sm) var(--spacing-md);
-  font-weight: var(--font-weight-medium);
-  cursor: pointer;
-  transition: all var(--transition-base);
+.progress-fill {
+  height: 100%;
+  background: linear-gradient(90deg, var(--color-primary), #4ea8ff);
 }
 
-.action-btn:hover {
-  background-color: var(--color-bg-tertiary);
-  border-color: var(--color-border-hover);
+.task-percent {
+  font-size: 12px;
+  color: var(--color-text-secondary);
 }
 
 .file-display-area {
   position: relative;
-  flex-grow: 1;
-  display: flex; /* To make the children (grid/list) take up space */
-  flex-direction: column;
+  flex: 1;
+  min-height: 0;
+  border: 1px solid var(--color-border);
+  border-radius: var(--border-radius-md);
+  background-color: var(--color-bg-secondary);
+  padding: var(--spacing-md);
+  overflow: auto;
 }
 
 .drag-overlay {
   position: absolute;
-  top: 0;
-  left: 0;
-  right: 0;
-  bottom: 0;
-  background-color: rgba(var(--color-primary-rgb), 0.1);
+  inset: 10px;
   border: 2px dashed var(--color-primary);
-  border-radius: var(--border-radius-lg);
+  border-radius: var(--border-radius-md);
+  background-color: rgba(var(--color-primary-rgb), 0.08);
   display: flex;
-  justify-content: center;
   align-items: center;
-  z-index: 10;
-  pointer-events: none; /* Allow drop events to pass through */
+  justify-content: center;
+  pointer-events: none;
+  z-index: 5;
 }
 
 .drag-overlay-content {
   text-align: center;
-  color: var(--color-primary);
+  color: var(--color-primary-dark);
 }
 
-.drag-overlay-content span {
-  font-size: 3rem;
+.drag-overlay-content svg {
+  width: 42px;
+  height: 42px;
+  fill: none;
+  stroke: currentColor;
+  stroke-width: 1.8;
 }
 
-.drag-overlay-content p {
-  font-size: 1.2rem;
-  font-weight: var(--font-weight-bold);
-  margin-top: var(--spacing-md);
+.state {
+  height: 100%;
+  min-height: 240px;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  color: var(--color-text-tertiary);
 }
 
-.file-grid {
-  flex-grow: 1;
-  display: grid;
-  grid-template-columns: repeat(auto-fill, minmax(150px, 1fr));
-  gap: var(--spacing-lg);
-  overflow-y: auto;
-}
-.grid-item {
+.file-list {
   display: flex;
   flex-direction: column;
-  align-items: center;
-  padding: var(--spacing-md);
-  border-radius: var(--border-radius-md);
-  transition: background-color var(--transition-base);
-  cursor: pointer;
-  height: fit-content;
-  position: relative;
-  border: 1px solid transparent; /* Add border for smooth transition */
+  gap: 6px;
 }
-.grid-item:hover {
-  background-color: var(--color-bg-tertiary);
-}
-.grid-item.selected {
-  background-color: var(--color-primary-light);
-  border: 1px solid var(--color-primary);
+
+.list-header,
+.list-row {
+  display: grid;
+  grid-template-columns: 44px 1.6fr 0.8fr 1.1fr 56px;
+  align-items: center;
+  gap: var(--spacing-sm);
 }
-.grid-item.checkbox-selected {
-  background-color: var(--color-primary-light);
-  border: 1px solid var(--color-primary);
+
+.list-header {
+  padding: 0 8px;
+  color: var(--color-text-tertiary);
+  font-size: 12px;
 }
-.upload-btn {
-  background-color: var(--color-primary);
-  color: var(--color-text-on-primary);
+
+.list-header button {
   border: none;
-  border-radius: var(--border-radius-md);
-  padding: var(--spacing-sm) var(--spacing-md);
-  font-weight: var(--font-weight-medium);
+  background: transparent;
   cursor: pointer;
-  transition: background-color var(--transition-base);
-}
-.upload-btn:hover {
-  background-color: var(--color-primary-hover);
-}
-.item-icon {
-  width: 64px;
-  height: 64px;
-  margin-bottom: var(--spacing-sm);
-  object-fit: contain;
-}
-.item-name {
-  font-size: 0.875rem;
-  color: var(--color-text-secondary);
-  text-align: center;
-  word-break: break-all;
+  text-align: left;
+  color: inherit;
 }
-.item-name-wrapper {
-  width: 100%;
-  text-align: center;
+
+.list-row {
+  min-height: 46px;
+  border: 1px solid transparent;
+  border-radius: 8px;
+  padding: 4px 8px;
 }
-.rename-input {
-  width: 100%;
-  padding: var(--spacing-xs);
-  font-size: 0.875rem;
-  border-radius: var(--border-radius-sm);
-  border: 1px solid var(--color-primary);
-  background-color: var(--color-bg-primary);
-  color: var(--color-text-primary);
-  text-align: center;
-  box-sizing: border-box;
+
+.list-row:hover {
+  background-color: var(--color-bg-tertiary);
 }
-.upload-progress-area {
-  margin-bottom: var(--spacing-lg);
-  padding: var(--spacing-md);
-  background-color: var(--color-bg-secondary);
-  border-radius: var(--border-radius-md);
-  box-shadow: var(--shadow-sm);
+
+.list-row.selected {
+  background-color: var(--color-primary-light);
+  border-color: rgba(var(--color-primary-rgb), 0.3);
 }
-.upload-task {
+
+.name-cell {
   display: flex;
   align-items: center;
-  gap: var(--spacing-md);
-  margin-top: var(--spacing-sm);
+  gap: 8px;
+  min-width: 0;
 }
-.task-name {
-  flex-grow: 1;
-  white-space: nowrap;
+
+.name-cell span {
   overflow: hidden;
   text-overflow: ellipsis;
+  white-space: nowrap;
 }
-.progress-bar-container {
-  width: 200px;
-  height: 8px;
-  background-color: var(--color-bg-tertiary);
-  border-radius: 4px;
-  overflow: hidden;
-}
-.progress-bar {
-  height: 100%;
-  background-color: var(--color-primary);
-  transition: width 0.3s ease;
-}
-.task-percentage {
-  font-size: 0.875rem;
-  font-weight: var(--font-weight-medium);
-  width: 40px;
-  text-align: right;
+
+.icon {
+  width: 22px;
+  height: 22px;
+  object-fit: contain;
 }
-.checkbox-container {
-  position: absolute;
-  top: var(--spacing-sm);
-  left: var(--spacing-sm);
+
+.star-btn {
   width: 24px;
   height: 24px;
-  display: flex;
-  align-items: center;
-  justify-content: center;
-  opacity: 0;
-  transition: opacity var(--transition-base);
-  background-color: rgba(255, 255, 255, 0.9);
-  border-radius: 4px;
-  box-shadow: 0 1px 3px rgba(0, 0, 0, 0.2);
-}
-.item-checkbox {
-  width: 18px;
-  height: 18px;
+  border-radius: 6px;
+  border: 1px solid transparent;
+  background: transparent;
+  color: var(--color-text-quaternary);
   cursor: pointer;
 }
-/* 强制显示被勾选的复选框 */
-.checkbox-container.always-visible {
-  opacity: 1 !important;
-  background-color: rgba(var(--color-primary-rgb), 0.1);
-}
-/* 鼠标悬停时显示 */
-.grid-item:hover .checkbox-container {
-  opacity: 1;
-}
-/* 项目被选中时显示 */
-.grid-item.selected .checkbox-container,
-.grid-item.checkbox-selected .checkbox-container {
-  opacity: 1;
-  background-color: rgba(var(--color-primary-rgb), 0.1);
-}
 
-.item-actions {
-  position: absolute;
-  bottom: var(--spacing-sm);
-  right: var(--spacing-sm);
-  opacity: 0;
-  transition: opacity var(--transition-base);
+.star-btn.active {
+  color: #f59e0b;
 }
 
-.grid-item:hover .item-actions,
-.grid-item.selected .item-actions,
-.grid-item.checkbox-selected .item-actions {
-  opacity: 1;
+.star-btn:hover {
+  border-color: var(--color-border);
 }
 
-.kebab-btn {
-  background: rgba(255, 255, 255, 0.7);
-  border: 1px solid var(--color-border);
-  border-radius: 50%;
+.menu-btn {
   width: 28px;
   height: 28px;
-  display: flex;
-  align-items: center;
-  justify-content: center;
+  border-radius: 8px;
+  border: 1px solid var(--color-border);
+  background-color: var(--color-bg-primary);
   cursor: pointer;
-  font-size: 1.2rem;
-  line-height: 1;
 }
 
-.dark-theme .kebab-btn {
-  background: rgba(var(--color-bg-tertiary), 0.7);
+.item-menu {
+  min-width: 140px;
+  display: flex;
+  flex-direction: column;
+  padding: 6px;
 }
 
-.dropdown-content {
-  padding: var(--spacing-xs);
-  min-width: 160px; /* Give the dropdown a bit more width */
-  background-color: var(--color-bg-primary);
-  border-radius: var(--border-radius-md);
-  box-shadow: var(--shadow-lg);
-  border: 1px solid var(--color-border);
-}
-/* dropdown item */
-.dropdown-item {
-  display: flex;
-  align-items: center;
-  gap: var(--spacing-sm);
-  width: 100%;
-  text-align: left;
-  padding: var(--spacing-sm) var(--spacing-md);
-  color: var(--color-text-secondary);
-  background: none;
+.item-menu button {
+  height: 32px;
   border: none;
-  font-size: var(--font-size-base);
+  border-radius: 6px;
+  background: transparent;
+  text-align: left;
+  padding: 0 8px;
   cursor: pointer;
-  white-space: nowrap; /* Prevent text from wrapping */
-  border-radius: var(--border-radius-sm);
-  transition: background-color 0.2s, color 0.2s;
+  color: var(--color-text-secondary);
 }
-.dropdown-item:hover {
+
+.item-menu button:hover {
   background-color: var(--color-bg-tertiary);
-  color: var(--color-text-primary);
 }
-.dropdown-item.danger:hover {
-  background-color: #fee2e2;
-  color: #b91c1c;
-}
-.dark-theme .dropdown-item.danger:hover {
-    background-color: #3f1a1a;
-    color: #fca5a5;
-}
-.dropdown-item-icon {
-  display: inline-flex;
-  align-items: center;
-  justify-content: center;
-  width: 1.2em;
-}
-.dropdown-item.danger {
-  color: #ef4444;
+
+.item-menu button.danger {
+  color: var(--color-danger);
 }
 
-/* List View Styles */
-.file-list {
-  flex-grow: 1;
-  display: flex;
-  flex-direction: column;
-  overflow-y: auto;
+.rename-input {
+  width: 100%;
+  border: 1px solid var(--color-primary);
+  border-radius: 6px;
+  padding: 2px 6px;
+  background-color: var(--color-bg-primary);
 }
-.list-header, .list-item {
+
+.file-grid {
   display: grid;
-  grid-template-columns: 40px 1fr 120px 200px 50px;
+  grid-template-columns: repeat(auto-fill, minmax(168px, 1fr));
   gap: var(--spacing-md);
-  align-items: center;
-  padding: 0 var(--spacing-md);
-}
-.list-header {
-  border-bottom: 1px solid var(--color-border);
-  padding-bottom: var(--spacing-sm);
-  margin-bottom: var(--spacing-sm);
-  font-weight: var(--font-weight-medium);
-  color: var(--color-text-secondary);
-}
-.list-header button {
-    background: none;
-    border: none;
-    cursor: pointer;
-    font-weight: inherit;
-    color: inherit;
-    text-align: left;
 }
 
-.view-switcher {
+.grid-card {
+  border: 1px solid var(--color-border);
+  border-radius: 12px;
+  background-color: var(--color-bg-primary);
+  padding: 12px;
+  position: relative;
   display: flex;
-  background-color: var(--color-bg-tertiary);
-  border-radius: var(--border-radius-md);
-  padding: 2px;
-}
-.view-switcher button {
-  padding: var(--spacing-xs) var(--spacing-sm);
-  border: none;
-  background-color: transparent;
-  border-radius: var(--border-radius-sm);
-  cursor: pointer;
+  flex-direction: column;
+  align-items: center;
+  gap: 8px;
 }
-.view-switcher button.active {
-  background-color: var(--color-bg-secondary);
+
+.grid-card:hover {
   box-shadow: var(--shadow-sm);
 }
 
-.list-item {
-  border-radius: var(--border-radius-md);
-  transition: background-color var(--transition-base);
-  padding: var(--spacing-sm) var(--spacing-md);
-}
-.list-item:hover {
-  background-color: var(--color-bg-tertiary);
-}
-.list-item.selected {
-  background-color: var(--color-primary-light);
-}
-.list-item.checkbox-selected {
+.grid-card.selected {
+  border-color: rgba(var(--color-primary-rgb), 0.6);
   background-color: var(--color-primary-light);
 }
 
-.name-cell {
-  display: flex;
-  align-items: center;
-  gap: var(--spacing-sm);
+.grid-check {
+  position: absolute;
+  top: 8px;
+  left: 8px;
 }
-.item-icon-small {
-  width: 24px;
-  height: 24px;
+
+.grid-icon {
+  width: 62px;
+  height: 62px;
   object-fit: contain;
+  margin-top: 8px;
 }
-.actions-cell {
-  display: flex;
-  justify-content: flex-end;
+
+.grid-name {
+  width: 100%;
+  text-align: center;
+  word-break: break-word;
+  min-height: 40px;
 }
 
-/* 列表视图中的复选框始终可见 */
-.list-checkbox {
-  width: 18px;
-  height: 18px;
+.grid-actions {
+  align-self: flex-end;
+}
+
+.star-btn.floating {
+  position: absolute;
+  top: 8px;
+  right: 8px;
+}
+
+@media (max-width: 900px) {
+  .page-header {
+    flex-direction: column;
+    align-items: stretch;
+  }
+
+  .header-actions {
+    justify-content: flex-start;
+  }
+
+  .upload-task {
+    grid-template-columns: 1fr;
+    gap: 4px;
+  }
+
+  .list-header,
+  .list-row {
+    grid-template-columns: 40px 1fr 90px 0;
+  }
+
+  .col.time,
+  .col.actions {
+    display: none;
+  }
 }
-</style> 
\ No newline at end of file
+</style>
+
+
+
diff --git a/web/src/pages/forgot-password/ForgotPassword.vue b/web/src/pages/forgot-password/ForgotPassword.vue
new file mode 100644
index 0000000..35d3f24
--- /dev/null
+++ b/web/src/pages/forgot-password/ForgotPassword.vue
@@ -0,0 +1,153 @@
+<script setup lang="ts">
+import { ref } from 'vue';
+import { forgotPassword } from '../../api/user';
+import AuthLayout from '../../components/layout/AuthLayout.vue';
+
+const email = ref('');
+const isSubmitting = ref(false);
+const errorMessage = ref('');
+const successMessage = ref('');
+
+const handleSubmit = async () => {
+  if (isSubmitting.value) return;
+
+  isSubmitting.value = true;
+  errorMessage.value = '';
+  successMessage.value = '';
+
+  try {
+    await forgotPassword(email.value);
+    successMessage.value = '重置邮件已发送，请检查邮箱。';
+  } catch (error) {
+    errorMessage.value = error instanceof Error ? error.message : '发送失败，请稍后再试。';
+  } finally {
+    isSubmitting.value = false;
+  }
+};
+</script>
+
+<template>
+  <AuthLayout>
+    <div class="auth-card">
+      <header class="auth-header">
+        <h1>找回密码</h1>
+        <p>输入注册邮箱，我们将发送密码重置链接。</p>
+      </header>
+
+      <form class="auth-form" @submit.prevent="handleSubmit">
+        <label class="field">
+          <span>邮箱地址</span>
+          <input v-model="email" type="email" placeholder="请输入邮箱地址" required />
+        </label>
+
+        <p v-if="errorMessage" class="error-message">{{ errorMessage }}</p>
+        <p v-if="successMessage" class="success-message">{{ successMessage }}</p>
+
+        <button class="submit-btn" type="submit" :disabled="isSubmitting">
+          {{ isSubmitting ? '发送中...' : '发送重置邮件' }}
+        </button>
+      </form>
+
+      <footer class="auth-footer">
+        <router-link to="/login">返回登录</router-link>
+      </footer>
+    </div>
+  </AuthLayout>
+</template>
+
+<style scoped>
+.auth-card {
+  width: 100%;
+  padding: 28px;
+  border-radius: 18px;
+  border: 1px solid rgba(255, 255, 255, 0.42);
+  background: rgba(255, 255, 255, 0.9);
+  backdrop-filter: blur(20px);
+  box-shadow: 0 24px 44px rgba(15, 23, 42, 0.2);
+}
+
+.auth-header {
+  margin-bottom: 20px;
+}
+
+.auth-header h1 {
+  font-size: 28px;
+  margin-bottom: 6px;
+}
+
+.auth-header p {
+  margin: 0;
+  color: #52667f;
+}
+
+.auth-form {
+  display: flex;
+  flex-direction: column;
+  gap: 14px;
+}
+
+.field {
+  display: flex;
+  flex-direction: column;
+  gap: 6px;
+}
+
+.field span {
+  font-size: 13px;
+  color: #334155;
+}
+
+.field input {
+  height: 42px;
+  border-radius: 10px;
+  border: 1px solid #cbd5e1;
+  background-color: #fff;
+  padding: 0 12px;
+}
+
+.field input:focus {
+  outline: none;
+  border-color: var(--color-primary);
+  box-shadow: 0 0 0 3px rgba(var(--color-primary-rgb), 0.14);
+}
+
+.error-message,
+.success-message {
+  margin: 0;
+  border-radius: 10px;
+  padding: 8px 10px;
+}
+
+.error-message {
+  color: var(--color-danger-dark);
+  background-color: var(--color-danger-light);
+  border: 1px solid #fca5a5;
+}
+
+.success-message {
+  color: #166534;
+  background-color: #dcfce7;
+  border: 1px solid #86efac;
+}
+
+.submit-btn {
+  margin-top: 4px;
+  height: 44px;
+  border-radius: 10px;
+  border: none;
+  background: linear-gradient(135deg, var(--color-primary), #3b82f6);
+  color: var(--color-text-on-primary);
+  font-weight: var(--font-weight-semibold);
+  cursor: pointer;
+}
+
+.submit-btn:disabled {
+  opacity: 0.7;
+  cursor: not-allowed;
+}
+
+.auth-footer {
+  margin-top: 16px;
+  text-align: center;
+}
+</style>
diff --git a/web/src/pages/forgot-password/index.ts b/web/src/pages/forgot-password/index.ts
new file mode 100644
index 0000000..378e060
--- /dev/null
+++ b/web/src/pages/forgot-password/index.ts
@@ -0,0 +1,3 @@
+import ForgotPassword from './ForgotPassword.vue';
+
+export default ForgotPassword;
diff --git a/web/src/pages/login/Login.vue b/web/src/pages/login/Login.vue
index 746b6bf..fc5e223 100644
--- a/web/src/pages/login/Login.vue
+++ b/web/src/pages/login/Login.vue
@@ -15,24 +15,21 @@ const isLoading = ref(false);
 const errorMessage = ref('');
 const showPassword = ref(false);
 
-/**
- * Handle login
- */
 const handleLogin = async () => {
   if (isLoading.value) return;
 
   isLoading.value = true;
   errorMessage.value = '';
-  
+
   try {
     const response = await login({
       username: username.value,
       password: password.value,
     });
-    userStore.setToken(response.token);
+
+    userStore.setToken(response.token, response.refreshToken);
     userStore.user = response.user;
-    
-    // 如果选择了记住我，保存到localStorage
+
     if (rememberMe.value) {
       localStorage.setItem('rememberMe', 'true');
       localStorage.setItem('savedUsername', username.value);
@@ -40,421 +37,205 @@ const handleLogin = async () => {
       localStorage.removeItem('rememberMe');
       localStorage.removeItem('savedUsername');
     }
-    
-    router.push('/');
+
+    router.push('/files');
   } catch (error) {
-    errorMessage.value = error instanceof Error ? error.message : '登录失败，请检查用户名和密码。';
+    errorMessage.value = error instanceof Error ? error.message : '登录失败，请检查账号信息。';
   } finally {
     isLoading.value = false;
   }
 };
 
-/**
- * Toggle password visibility
- */
-const togglePasswordVisibility = () => {
-  showPassword.value = !showPassword.value;
-};
-
-/**
- * Load saved credentials on component mount
- */
 const loadSavedCredentials = () => {
   const savedRememberMe = localStorage.getItem('rememberMe');
   const savedUsername = localStorage.getItem('savedUsername');
-  
+
   if (savedRememberMe === 'true' && savedUsername) {
     rememberMe.value = true;
     username.value = savedUsername;
   }
 };
 
-// 组件挂载时加载保存的凭据
 loadSavedCredentials();
 </script>
 
 <template>
   <AuthLayout>
-    <div class="login-container">
-      <div class="login-header">
-        <h1 class="title">欢迎使用 fileflash</h1>
-        <p class="subtitle">登录以继续使用</p>
-      </div>
-
-      <form @submit.prevent="handleLogin" class="login-form">
-        <div class="form-group">
-          <label for="username">用户名</label>
-          <div class="input-wrapper">
-            <svg class="input-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-              <path d="M20 21v-2a4 4 0 0 0-4-4H8a4 4 0 0 0-4 4v2"></path>
-              <circle cx="12" cy="7" r="4"></circle>
-            </svg>
-            <input 
-              id="username" 
-              type="text" 
-              v-model="username" 
-              placeholder="请输入用户名"
-              required 
-            />
-          </div>
-        </div>
-
-        <div class="form-group">
-          <label for="password">密码</label>
-          <div class="input-wrapper">
-            <svg class="input-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-              <rect x="3" y="11" width="18" height="11" rx="2" ry="2"></rect>
-              <circle cx="12" cy="16" r="1"></circle>
-              <path d="M7 11V7a5 5 0 0 1 10 0v4"></path>
-            </svg>
-            <input 
-              id="password" 
-              :type="showPassword ? 'text' : 'password'"
-              v-model="password" 
-              placeholder="请输入密码"
-              required 
-            />
-            <button 
-              type="button" 
-              class="password-toggle" 
-              @click="togglePasswordVisibility"
-              tabindex="-1"
-            >
-              <svg v-if="showPassword" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-                <path d="M17.94 17.94A10.07 10.07 0 0 1 12 20c-7 0-11-8-11-8a18.45 18.45 0 0 1 5.06-5.94M9.9 4.24A9.12 9.12 0 0 1 12 4c7 0 11 8 11 8a18.5 18.5 0 0 1-2.16 3.19m-6.72-1.07a3 3 0 1 1-4.24-4.24"></path>
-                <line x1="1" y1="1" x2="23" y2="23"></line>
-              </svg>
-              <svg v-else viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-                <path d="M1 12s4-8 11-8 11 8 11 8-4 8-11 8-11-8-11-8z"></path>
-                <circle cx="12" cy="12" r="3"></circle>
-              </svg>
+    <div class="auth-card">
+      <header class="auth-header">
+        <h1>欢迎登录 FileFlash</h1>
+        <p>高效管理你的云端文件与共享协作</p>
+      </header>
+
+      <form class="auth-form" @submit.prevent="handleLogin">
+        <label class="field">
+          <span>用户名 / 邮箱</span>
+          <input v-model="username" type="text" placeholder="请输入用户名或邮箱" required />
+        </label>
+
+        <label class="field">
+          <span>密码</span>
+          <div class="password-wrap">
+            <input v-model="password" :type="showPassword ? 'text' : 'password'" placeholder="请输入密码" required />
+            <button type="button" class="password-toggle" @click="showPassword = !showPassword">
+              {{ showPassword ? '隐藏' : '显示' }}
             </button>
           </div>
-        </div>
+        </label>
 
-        <div class="form-group checkbox-group">
-          <label class="checkbox-label">
-            <input 
-              type="checkbox" 
-              v-model="rememberMe"
-              class="checkbox-input"
-            />
-            <span class="checkbox-custom"></span>
-            <span class="checkbox-text">记住我</span>
+        <div class="extra-row">
+          <label class="remember">
+            <input v-model="rememberMe" type="checkbox" />
+            <span>记住我</span>
           </label>
+          <router-link to="/forgot-password">忘记密码</router-link>
         </div>
 
-        <div v-if="errorMessage" class="error-message">
-          <svg class="error-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-            <circle cx="12" cy="12" r="10"></circle>
-            <line x1="15" y1="9" x2="9" y2="15"></line>
-            <line x1="9" y1="9" x2="15" y2="15"></line>
-          </svg>
-          {{ errorMessage }}
-        </div>
+        <p v-if="errorMessage" class="error-message">{{ errorMessage }}</p>
 
-        <button type="submit" class="login-button" :disabled="isLoading">
-          <svg v-if="isLoading" class="loading-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-            <path d="M21 12a9 9 0 11-6.219-8.56"/>
-          </svg>
-          <span v-if="isLoading">登录中...</span>
-          <span v-else>登录</span>
+        <button class="submit-btn" type="submit" :disabled="isLoading">
+          {{ isLoading ? '登录中...' : '登录' }}
         </button>
       </form>
 
-      <div class="login-footer">
-        <p>
-          还没有账户？ <a href="/register">立即注册</a>
-        </p>
-      </div>
+      <footer class="auth-footer">
+        <span>还没有账号？</span>
+        <router-link to="/register">立即注册</router-link>
+      </footer>
     </div>
   </AuthLayout>
 </template>
 
 <style scoped>
-.login-container {
+.auth-card {
   width: 100%;
-  max-width: 100%;
-  padding: 2.5rem;
-  background: rgba(255, 255, 255, 0.98);
+  padding: 28px;
+  border-radius: 18px;
+  border: 1px solid rgba(255, 255, 255, 0.42);
+  background: rgba(255, 255, 255, 0.9);
   backdrop-filter: blur(20px);
-  border-radius: 20px;
-  box-shadow: 0 25px 50px rgba(0, 0, 0, 0.15), 
-              0 10px 30px rgba(0, 0, 0, 0.1);
-  text-align: center;
-  border: 1px solid rgba(255, 255, 255, 0.5);
-  position: relative;
+  box-shadow: 0 24px 44px rgba(15, 23, 42, 0.2);
 }
 
-.login-container::before {
-  content: '';
-  position: absolute;
-  top: 0;
-  left: 0;
-  right: 0;
-  height: 4px;
-  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
-  border-radius: 20px 20px 0 0;
+.auth-header {
+  margin-bottom: 20px;
 }
 
-.login-header {
-  margin-bottom: 2rem;
+.auth-header h1 {
+  font-size: 28px;
+  margin-bottom: 6px;
 }
 
-.title {
-  font-size: 2rem;
-  font-weight: 700;
-  color: var(--color-text-primary);
-  margin-bottom: 0.5rem;
-  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
-  -webkit-background-clip: text;
-  -webkit-text-fill-color: transparent;
-  background-clip: text;
+.auth-header p {
+  margin: 0;
+  color: #52667f;
 }
 
-.subtitle {
-  color: var(--color-text-secondary);
-  font-size: 1rem;
-  opacity: 0.8;
-}
-
-.login-form {
-  max-width: 100%;
-  margin: 0 auto;
+.auth-form {
+  display: flex;
+  flex-direction: column;
+  gap: 14px;
 }
 
-.form-group {
-  margin-bottom: 1.5rem;
-  text-align: left;
+.field {
+  display: flex;
+  flex-direction: column;
+  gap: 6px;
 }
 
-.form-group label {
-  display: block;
-  margin-bottom: 0.5rem;
-  font-weight: 600;
-  color: var(--color-text-secondary);
-  font-size: 0.9rem;
+.field span {
+  font-size: 13px;
+  color: #334155;
 }
 
-.input-wrapper {
-  position: relative;
-  display: flex;
-  align-items: center;
+.field input {
+  height: 42px;
+  border-radius: 10px;
+  border: 1px solid #cbd5e1;
+  background-color: #fff;
+  padding: 0 12px;
 }
 
-.input-icon {
-  position: absolute;
-  left: 12px;
-  width: 20px;
-  height: 20px;
-  color: #9ca3af;
-  z-index: 1;
-  transition: color 0.3s ease;
+.field input:focus {
+  outline: none;
+  border-color: var(--color-primary);
+  box-shadow: 0 0 0 3px rgba(var(--color-primary-rgb), 0.14);
 }
 
-.input-wrapper:focus-within .input-icon {
-  color: #667eea;
+.password-wrap {
+  position: relative;
 }
 
-.form-group input {
+.password-wrap input {
   width: 100%;
-  padding: 0.9rem 0.9rem 0.9rem 2.8rem;
-  font-size: 1rem;
-  border: 2px solid #e5e7eb;
-  border-radius: 12px;
-  background-color: rgba(255, 255, 255, 0.9);
-  color: var(--color-text-primary);
-  transition: all 0.3s ease;
-  box-shadow: 0 2px 8px rgba(0, 0, 0, 0.05);
-}
-
-.form-group input:focus {
-  outline: none;
-  border-color: #667eea;
-  background-color: rgba(255, 255, 255, 1);
-  box-shadow: 0 0 0 3px rgba(102, 126, 234, 0.1);
-  transform: translateY(-1px);
+  padding-right: 64px;
 }
 
 .password-toggle {
   position: absolute;
-  right: 12px;
-  background: none;
+  right: 8px;
+  top: 50%;
+  transform: translateY(-50%);
   border: none;
+  background: transparent;
+  color: var(--color-primary);
   cursor: pointer;
-  padding: 4px;
-  border-radius: 6px;
-  transition: background-color 0.2s ease;
-}
-
-.password-toggle:hover {
-  background-color: rgba(0, 0, 0, 0.05);
 }
 
-.password-toggle svg {
-  width: 20px;
-  height: 20px;
-  color: #9ca3af;
-}
-
-.checkbox-group {
-  margin-bottom: 2rem;
-}
-
-.checkbox-label {
+.extra-row {
   display: flex;
+  justify-content: space-between;
   align-items: center;
-  cursor: pointer;
-  font-size: 0.9rem;
-  color: var(--color-text-secondary);
-}
-
-.checkbox-input {
-  display: none;
-}
-
-.checkbox-custom {
-  width: 18px;
-  height: 18px;
-  border: 2px solid #d1d5db;
-  border-radius: 4px;
-  margin-right: 8px;
-  position: relative;
-  transition: all 0.3s ease;
-  background-color: white;
-  flex-shrink: 0;
-  display: inline-block;
-}
-
-.checkbox-input:checked + .checkbox-custom {
-  background-color: #667eea;
-  border-color: #667eea;
-}
-
-.checkbox-input:checked + .checkbox-custom::after {
-  content: '';
-  position: absolute;
-  top: 2px;
-  left: 5px;
-  width: 6px;
-  height: 10px;
-  border: solid white;
-  border-width: 0 2px 2px 0;
-  transform: rotate(45deg);
-}
-
-.checkbox-text {
-  user-select: none;
+  font-size: 13px;
 }
 
-.error-message {
-  display: flex;
+.remember {
+  display: inline-flex;
   align-items: center;
-  color: #ef4444;
-  background: linear-gradient(135deg, rgba(239, 68, 68, 0.1), rgba(239, 68, 68, 0.05));
-  padding: 1rem;
-  border-radius: 12px;
-  margin-bottom: 1.5rem;
-  font-size: 0.9rem;
-  border-left: 4px solid #ef4444;
+  gap: 6px;
 }
 
-.error-icon {
-  width: 20px;
-  height: 20px;
-  margin-right: 8px;
-  flex-shrink: 0;
-}
-
-.login-button {
-  width: 100%;
-  padding: 1rem;
-  font-size: 1.1rem;
-  font-weight: 600;
-  color: white;
-  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+.error-message {
+  margin: 0;
+  color: var(--color-danger-dark);
+  background-color: var(--color-danger-light);
+  border: 1px solid #fca5a5;
+  border-radius: 10px;
+  padding: 8px 10px;
+}
+
+.submit-btn {
+  margin-top: 4px;
+  height: 44px;
+  border-radius: 10px;
   border: none;
-  border-radius: 12px;
+  background: linear-gradient(135deg, var(--color-primary), #3b82f6);
+  color: var(--color-text-on-primary);
+  font-weight: var(--font-weight-semibold);
   cursor: pointer;
-  transition: all 0.3s ease;
-  box-shadow: 0 4px 15px rgba(102, 126, 234, 0.3);
-  position: relative;
-  overflow: hidden;
-  display: flex;
-  align-items: center;
-  justify-content: center;
-  gap: 8px;
-}
-
-.login-button::before {
-  content: '';
-  position: absolute;
-  top: 0;
-  left: -100%;
-  width: 100%;
-  height: 100%;
-  background: linear-gradient(90deg, transparent, rgba(255, 255, 255, 0.2), transparent);
-  transition: left 0.5s;
-}
-
-.login-button:hover:not(:disabled) {
-  transform: translateY(-2px);
-  box-shadow: 0 6px 20px rgba(102, 126, 234, 0.4);
 }
 
-.login-button:hover:not(:disabled)::before {
-  left: 100%;
-}
-
-.login-button:disabled {
+.submit-btn:disabled {
   opacity: 0.7;
   cursor: not-allowed;
-  transform: none;
 }
 
-.loading-icon {
-  width: 20px;
-  height: 20px;
-  animation: spin 1s linear infinite;
-}
-
-@keyframes spin {
-  from { transform: rotate(0deg); }
-  to { transform: rotate(360deg); }
-}
-
-.login-footer {
-  margin-top: 2rem;
-  font-size: 0.9rem;
-  color: var(--color-text-tertiary);
-}
-
-a {
-  color: #667eea;
-  text-decoration: none;
-  font-weight: 600;
-  transition: color 0.3s ease;
-}
-
-a:hover {
-  color: #764ba2;
-  text-decoration: underline;
+.auth-footer {
+  margin-top: 18px;
+  font-size: 13px;
+  color: #475569;
+  display: flex;
+  gap: 6px;
+  justify-content: center;
 }
 
-/* 响应式设计 */
 @media (max-width: 480px) {
-  .login-container {
-    padding: 2rem 1.5rem;
-    background: rgba(255, 255, 255, 0.95);
-    backdrop-filter: blur(15px);
+  .auth-card {
+    padding: 22px 18px;
   }
-  
-  .title {
-    font-size: 1.6rem;
-  }
-  
-  .form-group input {
-    padding: 0.8rem 0.8rem 0.8rem 2.6rem;
+
+  .auth-header h1 {
+    font-size: 23px;
   }
 }
 </style>
diff --git a/web/src/pages/profile/Profile.vue b/web/src/pages/profile/Profile.vue
index 36f58f0..c1e693e 100644
--- a/web/src/pages/profile/Profile.vue
+++ b/web/src/pages/profile/Profile.vue
@@ -49,15 +49,15 @@ const formatFileSize = (bytes: number) => {
 
 const getActivityIcon = (operation: string) => {
   const iconMap: Record<string, string> = {
-    file_upload: '⬆️',
-    file_download: '⬇️',
-    file_delete: '🗑️',
-    folder_create: '📁',
-    file_share: '🔗',
-    user_login: '🔑',
-    login: '🔑'
+    file_upload: 'UP',
+    file_download: 'DL',
+    file_delete: 'DEL',
+    folder_create: 'DIR',
+    file_share: 'SHR',
+    user_login: 'LOG',
+    login: 'LOG'
   };
-  return iconMap[operation] || '📄';
+  return iconMap[operation] || 'EVT';
 };
 
 const getActivityText = (activity: ActivityItem) => {
@@ -88,6 +88,11 @@ const getBrowserName = (userAgent: string) => {
   if (userAgent.includes('MSIE') || userAgent.includes('Trident')) return 'Internet Explorer';
   return '未知浏览器';
 };
+
+const getActivityUserAgent = (activity: ActivityItem) => {
+  const value = activity.details.user_agent;
+  return typeof value === 'string' ? value : '';
+};
 </script>
 
 <template>
@@ -197,8 +202,8 @@ const getBrowserName = (userAgent: string) => {
                 <div class="activity-meta">
                   <span class="activity-time">{{ new Date(activity.performedAt).toLocaleString('zh-CN') }}</span>
                   <span class="activity-ip">{{ activity.ipAddress }}</span>
-                  <span v-if="activity.details.user_agent" class="activity-browser" :title="activity.details.user_agent">
-                    🌐 {{ getBrowserName(activity.details.user_agent) }}
+                  <span v-if="getActivityUserAgent(activity)" class="activity-browser" :title="getActivityUserAgent(activity)">
+                    {{ getBrowserName(getActivityUserAgent(activity)) }}
                   </span>
                 </div>
               </div>
@@ -578,4 +583,4 @@ const getBrowserName = (userAgent: string) => {
     max-height: 300px;
   }
 }
-</style> 
\ No newline at end of file
+</style> 
diff --git a/web/src/pages/register/Register.vue b/web/src/pages/register/Register.vue
index 82dc25d..905449e 100644
--- a/web/src/pages/register/Register.vue
+++ b/web/src/pages/register/Register.vue
@@ -1,438 +1,223 @@
-<template>
-  <AuthLayout>
-    <div class="register-container">
-      <div class="register-header">
-        <h1 class="title">注册 fileflash 账户</h1>
-        <p class="subtitle">创建您的账户以开始使用</p>
-      </div>
-
-      <form @submit.prevent="handleRegister" class="register-form">
-        <div class="form-group">
-          <label for="username">用户名</label>
-          <div class="input-wrapper">
-            <svg class="input-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-              <path d="M20 21v-2a4 4 0 0 0-4-4H8a4 4 0 0 0-4 4v2"></path>
-              <circle cx="12" cy="7" r="4"></circle>
-            </svg>
-            <input 
-              id="username" 
-              type="text" 
-              v-model="username" 
-              placeholder="请输入用户名"
-              required 
-            />
-          </div>
-        </div>
-
-        <div class="form-group">
-          <label for="Email">邮箱地址</label>
-          <div class="input-wrapper">
-            <svg class="input-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-              <path d="M4 4h16c1.1 0 2 .9 2 2v12c0 1.1-.9 2-2 2H4c-1.1 0-2-.9-2-2V6c0-1.1.9-2 2-2z"></path>
-              <polyline points="22,6 12,13 2,6"></polyline>
-            </svg>
-            <input 
-              id="Email" 
-              type="email" 
-              v-model="email" 
-              placeholder="请输入邮箱地址"
-              required 
-            />
-          </div>
-        </div>
-
-        <div class="form-group">
-          <label for="password">密码</label>
-          <div class="input-wrapper">
-            <svg class="input-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-              <rect x="3" y="11" width="18" height="11" rx="2" ry="2"></rect>
-              <circle cx="12" cy="16" r="1"></circle>
-              <path d="M7 11V7a5 5 0 0 1 10 0v4"></path>
-            </svg>
-            <input 
-              id="password" 
-              :type="showPassword ? 'text' : 'password'"
-              v-model="password" 
-              placeholder="请输入密码"
-              required 
-            />
-            <button 
-              type="button" 
-              class="password-toggle" 
-              @click="togglePasswordVisibility"
-              tabindex="-1"
-            >
-              <svg v-if="showPassword" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-                <path d="M17.94 17.94A10.07 10.07 0 0 1 12 20c-7 0-11-8-11-8a18.45 18.45 0 0 1 5.06-5.94M9.9 4.24A9.12 9.12 0 0 1 12 4c7 0 11 8 11 8a18.5 18.5 0 0 1-2.16 3.19m-6.72-1.07a3 3 0 1 1-4.24-4.24"></path>
-                <line x1="1" y1="1" x2="23" y2="23"></line>
-              </svg>
-              <svg v-else viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-                <path d="M1 12s4-8 11-8 11 8 11 8-4 8-11 8-11-8-11-8z"></path>
-                <circle cx="12" cy="12" r="3"></circle>
-              </svg>
-            </button>
-          </div>
-        </div>
-
-        <div class="form-group">
-          <label for="password2">确认密码</label>
-          <div class="input-wrapper">
-            <svg class="input-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-              <rect x="3" y="11" width="18" height="11" rx="2" ry="2"></rect>
-              <circle cx="12" cy="16" r="1"></circle>
-              <path d="M7 11V7a5 5 0 0 1 10 0v4"></path>
-            </svg>
-            <input 
-              id="password2" 
-              :type="showConfirmPassword ? 'text' : 'password'"
-              v-model="password2" 
-              placeholder="请再次输入密码"
-              required 
-            />
-            <button 
-              type="button" 
-              class="password-toggle" 
-              @click="toggleConfirmPasswordVisibility"
-              tabindex="-1"
-            >
-              <svg v-if="showConfirmPassword" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-                <path d="M17.94 17.94A10.07 10.07 0 0 1 12 20c-7 0-11-8-11-8a18.45 18.45 0 0 1 5.06-5.94M9.9 4.24A9.12 9.12 0 0 1 12 4c7 0 11 8 11 8a18.5 18.5 0 0 1-2.16 3.19m-6.72-1.07a3 3 0 1 1-4.24-4.24"></path>
-                <line x1="1" y1="1" x2="23" y2="23"></line>
-              </svg>
-              <svg v-else viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-                <path d="M1 12s4-8 11-8 11 8 11 8-4 8-11 8-11-8-11-8z"></path>
-                <circle cx="12" cy="12" r="3"></circle>
-              </svg>
-            </button>
-          </div>
-        </div>
-
-        <div v-if="errorMessage" class="error-message">
-          <svg class="error-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-            <circle cx="12" cy="12" r="10"></circle>
-            <line x1="15" y1="9" x2="9" y2="15"></line>
-            <line x1="9" y1="9" x2="15" y2="15"></line>
-          </svg>
-          {{ errorMessage }}
-        </div>
-
-        <button type="submit" class="register-button" :disabled="isLoading">
-          <svg v-if="isLoading" class="loading-icon" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
-            <path d="M21 12a9 9 0 11-6.219-8.56"/>
-          </svg>
-          <span v-if="isLoading">注册中...</span>
-          <span v-else>注册</span>
-        </button>
-      </form>
-
-      <div class="register-footer">
-        <p>
-          已有账户？ <a href="/login">立即登录</a>
-        </p>
-      </div>
-    </div>
-  </AuthLayout>
-</template>
-
 <script setup lang="ts">
 import { ref } from 'vue';
 import { useRouter } from 'vue-router';
-import { useUserStore } from '../../store/user';
 import { register } from '../../api/user';
 import AuthLayout from '../../components/layout/AuthLayout.vue';
 
 const router = useRouter();
-const userStore = useUserStore();
 
 const username = ref('');
 const email = ref('');
 const password = ref('');
-const password2 = ref('');
+const confirmPassword = ref('');
 const showPassword = ref(false);
 const showConfirmPassword = ref(false);
-
 const isLoading = ref(false);
 const errorMessage = ref('');
 
-/**
- * Toggle password visibility
- */
-const togglePasswordVisibility = () => {
-  showPassword.value = !showPassword.value;
-};
-
-/**
- * Toggle confirm password visibility
- */
-const toggleConfirmPasswordVisibility = () => {
-  showConfirmPassword.value = !showConfirmPassword.value;
-};
-
-/**
- * Handle registration
- */
 const handleRegister = async () => {
-  if (password.value !== password2.value) {
-    errorMessage.value = '两次输入的密码不一致，请重新确认。';
+  if (password.value !== confirmPassword.value) {
+    errorMessage.value = '两次输入的密码不一致。';
     return;
   }
-  
+
   if (isLoading.value) return;
 
   isLoading.value = true;
   errorMessage.value = '';
-  
+
   try {
-    const response = await register({
+    await register({
       username: username.value,
       email: email.value,
       password: password.value,
     });
-    
-    // 注册成功后跳转到登录页面
+
     router.push('/login');
   } catch (error) {
-    errorMessage.value = error instanceof Error ? error.message : '注册失败，请稍后重试。';
+    errorMessage.value = error instanceof Error ? error.message : '注册失败，请稍后再试。';
   } finally {
     isLoading.value = false;
   }
 };
 </script>
 
+<template>
+  <AuthLayout>
+    <div class="auth-card">
+      <header class="auth-header">
+        <h1>创建 FileFlash 账号</h1>
+        <p>注册后即可上传、共享、恢复与管理你的文件</p>
+      </header>
+
+      <form class="auth-form" @submit.prevent="handleRegister">
+        <label class="field">
+          <span>用户名</span>
+          <input v-model="username" type="text" placeholder="请输入用户名" required />
+        </label>
+
+        <label class="field">
+          <span>邮箱</span>
+          <input v-model="email" type="email" placeholder="请输入邮箱地址" required />
+        </label>
+
+        <label class="field">
+          <span>密码</span>
+          <div class="password-wrap">
+            <input v-model="password" :type="showPassword ? 'text' : 'password'" placeholder="请输入密码" required />
+            <button type="button" class="password-toggle" @click="showPassword = !showPassword">
+              {{ showPassword ? '隐藏' : '显示' }}
+            </button>
+          </div>
+        </label>
+
+        <label class="field">
+          <span>确认密码</span>
+          <div class="password-wrap">
+            <input
+              v-model="confirmPassword"
+              :type="showConfirmPassword ? 'text' : 'password'"
+              placeholder="请再次输入密码"
+              required
+            />
+            <button type="button" class="password-toggle" @click="showConfirmPassword = !showConfirmPassword">
+              {{ showConfirmPassword ? '隐藏' : '显示' }}
+            </button>
+          </div>
+        </label>
+
+        <p v-if="errorMessage" class="error-message">{{ errorMessage }}</p>
+
+        <button class="submit-btn" type="submit" :disabled="isLoading">
+          {{ isLoading ? '注册中...' : '注册' }}
+        </button>
+      </form>
+
+      <footer class="auth-footer">
+        <span>已有账号？</span>
+        <router-link to="/login">前往登录</router-link>
+      </footer>
+    </div>
+  </AuthLayout>
+</template>
+
 <style scoped>
-.register-container {
+.auth-card {
   width: 100%;
-  max-width: 100%;
-  padding: 2.5rem;
-  background: rgba(255, 255, 255, 0.98);
+  padding: 28px;
+  border-radius: 18px;
+  border: 1px solid rgba(255, 255, 255, 0.42);
+  background: rgba(255, 255, 255, 0.9);
   backdrop-filter: blur(20px);
-  border-radius: 20px;
-  box-shadow: 0 25px 50px rgba(0, 0, 0, 0.15), 
-              0 10px 30px rgba(0, 0, 0, 0.1);
-  text-align: center;
-  border: 1px solid rgba(255, 255, 255, 0.5);
-  position: relative;
-}
-
-.register-container::before {
-  content: '';
-  position: absolute;
-  top: 0;
-  left: 0;
-  right: 0;
-  height: 4px;
-  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
-  border-radius: 20px 20px 0 0;
+  box-shadow: 0 24px 44px rgba(15, 23, 42, 0.2);
 }
 
-.register-header {
-  margin-bottom: 2rem;
+.auth-header {
+  margin-bottom: 20px;
 }
 
-.title {
-  font-size: 2rem;
-  font-weight: 700;
-  color: var(--color-text-primary);
-  margin-bottom: 0.5rem;
-  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
-  -webkit-background-clip: text;
-  -webkit-text-fill-color: transparent;
-  background-clip: text;
+.auth-header h1 {
+  font-size: 28px;
+  margin-bottom: 6px;
 }
 
-.subtitle {
-  color: var(--color-text-secondary);
-  font-size: 1rem;
-  opacity: 0.8;
+.auth-header p {
+  margin: 0;
+  color: #52667f;
 }
 
-.register-form {
-  max-width: 100%;
-  margin: 0 auto;
+.auth-form {
+  display: flex;
+  flex-direction: column;
+  gap: 14px;
 }
 
-.form-group {
-  margin-bottom: 1.5rem;
-  text-align: left;
+.field {
+  display: flex;
+  flex-direction: column;
+  gap: 6px;
 }
 
-.form-group label {
-  display: block;
-  margin-bottom: 0.5rem;
-  font-weight: 600;
-  color: var(--color-text-secondary);
-  font-size: 0.9rem;
+.field span {
+  font-size: 13px;
+  color: #334155;
 }
 
-.input-wrapper {
-  position: relative;
-  display: flex;
-  align-items: center;
+.field input {
+  height: 42px;
+  border-radius: 10px;
+  border: 1px solid #cbd5e1;
+  background-color: #fff;
+  padding: 0 12px;
 }
 
-.input-icon {
-  position: absolute;
-  left: 12px;
-  width: 20px;
-  height: 20px;
-  color: #9ca3af;
-  z-index: 1;
-  transition: color 0.3s ease;
+.field input:focus {
+  outline: none;
+  border-color: var(--color-primary);
+  box-shadow: 0 0 0 3px rgba(var(--color-primary-rgb), 0.14);
 }
 
-.input-wrapper:focus-within .input-icon {
-  color: #667eea;
+.password-wrap {
+  position: relative;
 }
 
-.form-group input {
+.password-wrap input {
   width: 100%;
-  padding: 0.9rem 0.9rem 0.9rem 2.8rem;
-  font-size: 1rem;
-  border: 2px solid #e5e7eb;
-  border-radius: 12px;
-  background-color: rgba(255, 255, 255, 0.9);
-  color: var(--color-text-primary);
-  transition: all 0.3s ease;
-  box-shadow: 0 2px 8px rgba(0, 0, 0, 0.05);
-}
-
-.form-group input:focus {
-  outline: none;
-  border-color: #667eea;
-  background-color: rgba(255, 255, 255, 1);
-  box-shadow: 0 0 0 3px rgba(102, 126, 234, 0.1);
-  transform: translateY(-1px);
+  padding-right: 64px;
 }
 
 .password-toggle {
   position: absolute;
-  right: 12px;
-  background: none;
+  right: 8px;
+  top: 50%;
+  transform: translateY(-50%);
   border: none;
+  background: transparent;
+  color: var(--color-primary);
   cursor: pointer;
-  padding: 4px;
-  border-radius: 6px;
-  transition: background-color 0.2s ease;
-}
-
-.password-toggle:hover {
-  background-color: rgba(0, 0, 0, 0.05);
-}
-
-.password-toggle svg {
-  width: 20px;
-  height: 20px;
-  color: #9ca3af;
 }
 
 .error-message {
-  display: flex;
-  align-items: center;
-  color: #ef4444;
-  background: linear-gradient(135deg, rgba(239, 68, 68, 0.1), rgba(239, 68, 68, 0.05));
-  padding: 1rem;
-  border-radius: 12px;
-  margin-bottom: 1.5rem;
-  font-size: 0.9rem;
-  border-left: 4px solid #ef4444;
-}
-
-.error-icon {
-  width: 20px;
-  height: 20px;
-  margin-right: 8px;
-  flex-shrink: 0;
-}
-
-.register-button {
-  width: 100%;
-  padding: 1rem;
-  font-size: 1.1rem;
-  font-weight: 600;
-  color: white;
-  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+  margin: 0;
+  color: var(--color-danger-dark);
+  background-color: var(--color-danger-light);
+  border: 1px solid #fca5a5;
+  border-radius: 10px;
+  padding: 8px 10px;
+}
+
+.submit-btn {
+  margin-top: 4px;
+  height: 44px;
+  border-radius: 10px;
   border: none;
-  border-radius: 12px;
+  background: linear-gradient(135deg, var(--color-primary), #3b82f6);
+  color: var(--color-text-on-primary);
+  font-weight: var(--font-weight-semibold);
   cursor: pointer;
-  transition: all 0.3s ease;
-  box-shadow: 0 4px 15px rgba(102, 126, 234, 0.3);
-  position: relative;
-  overflow: hidden;
-  display: flex;
-  align-items: center;
-  justify-content: center;
-  gap: 8px;
-}
-
-.register-button::before {
-  content: '';
-  position: absolute;
-  top: 0;
-  left: -100%;
-  width: 100%;
-  height: 100%;
-  background: linear-gradient(90deg, transparent, rgba(255, 255, 255, 0.2), transparent);
-  transition: left 0.5s;
-}
-
-.register-button:hover:not(:disabled) {
-  transform: translateY(-2px);
-  box-shadow: 0 6px 20px rgba(102, 126, 234, 0.4);
 }
 
-.register-button:hover:not(:disabled)::before {
-  left: 100%;
-}
-
-.register-button:disabled {
+.submit-btn:disabled {
   opacity: 0.7;
   cursor: not-allowed;
-  transform: none;
 }
 
-.loading-icon {
-  width: 20px;
-  height: 20px;
-  animation: spin 1s linear infinite;
-}
-
-@keyframes spin {
-  from { transform: rotate(0deg); }
-  to { transform: rotate(360deg); }
-}
-
-.register-footer {
-  margin-top: 2rem;
-  font-size: 0.9rem;
-  color: var(--color-text-tertiary);
-}
-
-a {
-  color: #667eea;
-  text-decoration: none;
-  font-weight: 600;
-  transition: color 0.3s ease;
-}
-
-a:hover {
-  color: #764ba2;
-  text-decoration: underline;
+.auth-footer {
+  margin-top: 18px;
+  font-size: 13px;
+  color: #475569;
+  display: flex;
+  gap: 6px;
+  justify-content: center;
 }
 
-/* 响应式设计 */
 @media (max-width: 480px) {
-  .register-container {
-    padding: 2rem 1.5rem;
-    background: rgba(255, 255, 255, 0.95);
-    backdrop-filter: blur(15px);
+  .auth-card {
+    padding: 22px 18px;
   }
-  
-  .title {
-    font-size: 1.6rem;
-  }
-  
-  .form-group input {
-    padding: 0.8rem 0.8rem 0.8rem 2.6rem;
+
+  .auth-header h1 {
+    font-size: 23px;
   }
 }
 </style>
diff --git a/web/src/pages/settings/Settings.vue b/web/src/pages/settings/Settings.vue
index 6e0cbe7..b01888d 100644
--- a/web/src/pages/settings/Settings.vue
+++ b/web/src/pages/settings/Settings.vue
@@ -12,12 +12,12 @@ const { settings } = storeToRefs(settingsStore);
 const activeTab = ref('appearance');
 
 const tabs = [
-  { id: 'appearance', name: '外观', icon: '🎨' },
-  { id: 'uploads', name: '上传', icon: '⬆️' },
-  { id: 'files', name: '文件管理', icon: '📁' },
-  { id: 'notifications', name: '通知', icon: '🔔' },
-  { id: 'security', name: '安全', icon: '🔒' },
-  { id: 'advanced', name: '高级', icon: '⚙️' }
+  { id: 'appearance', name: '外观', icon: 'APP' },
+  { id: 'uploads', name: '上传', icon: 'UPL' },
+  { id: 'files', name: '文件管理', icon: 'FILE' },
+  { id: 'notifications', name: '通知', icon: 'NOTE' },
+  { id: 'security', name: '安全', icon: 'SAFE' },
+  { id: 'advanced', name: '高级', icon: 'ADV' }
 ];
 
 const resetSettings = () => {
@@ -827,4 +827,4 @@ input:checked + .slider:before {
     width: 100%;
   }
 }
-</style> 
\ No newline at end of file
+</style> 
diff --git a/web/src/pages/shared/SharedWithMe.vue b/web/src/pages/shared/SharedWithMe.vue
index b13b30e..e8d0a18 100644
--- a/web/src/pages/shared/SharedWithMe.vue
+++ b/web/src/pages/shared/SharedWithMe.vue
@@ -1,211 +1,372 @@
 <script setup lang="ts">
-import { ref, onMounted } from 'vue';
-import type { SharedItem } from '../../types/share';
-// import { getSharedItems } from '../../api/share'; // 临时禁用
-// import { copyFile } from '../../api/file'; // 临时禁用
-// import { copyFolder } from '../../api/folder'; // 临时禁用
+import { computed, onMounted, ref } from 'vue';
+import { acceptSharedItem, deleteShare, getSharedItems, getShares } from '../../api/share';
 import { useFileSelection } from '../../composables/useFileSelection';
+import type { Share, SharedItem } from '../../types/share';
 
-const sharedItems = ref<SharedItem[]>([]);
+const activeTab = ref<'received' | 'links'>('received');
 const isLoading = ref(false);
+const sharedItems = ref<SharedItem[]>([]);
+const myShares = ref<Share[]>([]);
 
 const { selectedItems, isSelected, toggleSelection, selectedCount, clearSelection } = useFileSelection();
 
-onMounted(async () => {
+const hasSelection = computed(() => selectedCount.value > 0 && activeTab.value === 'received');
+
+const loadReceived = async () => {
+  const response = await getSharedItems({ page: 1, perPage: 50, sort: 'sharedAt', order: 'desc' });
+  sharedItems.value = response.items;
+};
+
+const loadLinks = async () => {
+  const response = await getShares({ page: 1, perPage: 50 });
+  myShares.value = response.items;
+};
+
+const loadData = async () => {
   isLoading.value = true;
   try {
-    // 临时禁用 - 后端share API尚未实现
-    // const response = await getSharedItems({});
-    // sharedItems.value = response.items;
-    sharedItems.value = []; // 临时返回空数组
-    console.log('SharedWithMe API temporarily disabled - backend not implemented');
-  } catch (error) {
-    console.error('Failed to fetch shared items:', error);
+    if (activeTab.value === 'received') {
+      await loadReceived();
+    } else {
+      await loadLinks();
+    }
   } finally {
     isLoading.value = false;
   }
-});
+};
 
-const handleBatchAdd = async () => {
-  if (selectedCount.value === 0) return;
+const switchTab = async (tab: 'received' | 'links') => {
+  activeTab.value = tab;
+  clearSelection();
+  await loadData();
+};
 
-  const itemsToAdd = sharedItems.value.filter(item => selectedItems.value.has(item.id));
-  
-  // Using Promise.allSettled to attempt all copies even if some fail
-  const results = await Promise.allSettled(
-    itemsToAdd.map(item => handleAddItemToMyFiles(item, false)) // Pass a flag to prevent individual alerts
-  );
+const acceptOne = async (item: SharedItem) => {
+  await acceptSharedItem(item.id);
+};
 
-  const successfulAdds = results.filter(r => r.status === 'fulfilled').length;
-  alert(`${successfulAdds} item(s) added to your files successfully.`);
-  
+const handleAcceptOne = async (item: SharedItem) => {
+  try {
+    await acceptOne(item);
+    await loadReceived();
+  } catch (error) {
+    console.error('Failed to accept shared item', error);
+  }
+};
+
+const handleBatchAccept = async () => {
+  if (!selectedItems.value.size) return;
+
+  const ids = Array.from(selectedItems.value);
+  await Promise.allSettled(ids.map((id) => acceptSharedItem(id)));
   clearSelection();
-  // No need to refresh data from server as the shared list itself doesn't change
+  await loadReceived();
 };
 
-// Modified to handle batch calls without alerting each time
-const handleAddItemToMyFiles = async (item: SharedItem, showAlert = true) => {
+const handleDeleteShare = async (share: Share) => {
+  const confirmed = window.confirm(`Delete share link ${share.shareLink}?`);
+  if (!confirmed) return;
+
   try {
-    if (item.itemType === 'file') {
-      await copyFile(item.id, { targetFolderId: 'root', newName: `(Shared) ${item.name}` });
-    } else {
-      await copyFolder(item.id, { targetParentId: 'root', newName: `(Shared) ${item.name}` });
-    }
-    if (showAlert) {
-      alert(`'${item.name}' has been added to your files.`);
-    }
+    await deleteShare(share.shareLink);
+    myShares.value = myShares.value.filter((entry) => entry.shareLink !== share.shareLink);
   } catch (error) {
-    console.error('Failed to add item to my files:', error);
-    if (showAlert) {
-      alert('Failed to add item.');
-    }
-    // Re-throw the error for Promise.allSettled to catch it as a rejection
-    throw error;
+    console.error('Failed to delete share link', error);
   }
 };
+
+const copyShareLink = async (share: Share) => {
+  try {
+    await navigator.clipboard.writeText(`${window.location.origin}/share/${share.shareLink}`);
+  } catch {
+    window.prompt('Copy this link', `${window.location.origin}/share/${share.shareLink}`);
+  }
+};
+
+onMounted(loadData);
 </script>
 
 <template>
-  <div class="shared-with-me-page">
+  <section class="shared-page">
     <header class="page-header">
-      <h1>Shared with Me</h1>
-      <div v-if="selectedCount > 0" class="batch-actions">
-        <span>{{ selectedCount }} selected</span>
-        <button @click="handleBatchAdd" class="batch-action-btn">Add to My Files</button>
+      <div>
+        <h1>Sharing Center</h1>
+        <p>Manage received files and the links you shared with others.</p>
+      </div>
+
+      <div class="tabs" role="tablist">
+        <button :class="{ active: activeTab === 'received' }" @click="switchTab('received')">Shared with Me</button>
+        <button :class="{ active: activeTab === 'links' }" @click="switchTab('links')">My Share Links</button>
       </div>
     </header>
-    <div v-if="isLoading" class="loading-indicator">Loading shared items...</div>
-    <div v-else-if="sharedItems.length === 0" class="empty-state">
-      <p>No items have been shared with you yet.</p>
-    </div>
-    <div v-else class="shared-list">
-      <div class="list-header">
-        <div class="list-cell select-all">
-          <!-- Master checkbox could go here in the future -->
-        </div>
-        <div class="list-cell name">Name</div>
-        <div class="list-cell shared-by">Shared By</div>
-        <div class="list-cell permission">My Permission</div>
-        <div class="list-cell size">Size</div>
-        <div class="list-cell shared-at">Shared Date</div>
-        <div class="list-cell actions"></div>
+
+    <div class="shared-card">
+      <div v-if="hasSelection" class="batch-bar">
+        <span>{{ selectedCount }} selected</span>
+        <button class="primary-btn" @click="handleBatchAccept">Accept Selected</button>
       </div>
-      <div 
-        v-for="item in sharedItems" 
-        :key="item.id" 
-        class="list-item"
-        :class="{ selected: isSelected(item.id) }"
-        @click="toggleSelection(item.id)"
-      >
-        <div class="list-cell select-cell">
-          <input 
-            type="checkbox" 
-            :checked="isSelected(item.id)"
-            @click.stop="toggleSelection(item.id)"
-            class="item-checkbox"
-          />
-        </div>
-        <div class="list-cell name-cell">
-          <img v-if="item.itemType === 'folder'" src="../../assets/generic/folder.svg" alt="" class="item-icon-small" />
-          <img v-else src="../../assets/generic/file.svg" alt="" class="item-icon-small" />
-          <span class="item-name">{{ item.name }}</span>
+
+      <div v-if="isLoading" class="state">Loading...</div>
+
+      <template v-else-if="activeTab === 'received'">
+        <div v-if="!sharedItems.length" class="state">No files shared with you.</div>
+
+        <div v-else class="list">
+          <div class="list-header">
+            <div class="col checkbox" />
+            <div class="col name">Name</div>
+            <div class="col owner">Shared by</div>
+            <div class="col permission">Permission</div>
+            <div class="col date">Shared at</div>
+            <div class="col action" />
+          </div>
+
+          <div
+            v-for="item in sharedItems"
+            :key="item.id"
+            class="list-row"
+            :class="{ selected: isSelected(item.id) }"
+            @click="toggleSelection(item.id)"
+          >
+            <div class="col checkbox" @click.stop>
+              <input type="checkbox" :checked="isSelected(item.id)" @change.stop="toggleSelection(item.id)" />
+            </div>
+            <div class="col name">
+              <strong>{{ item.name }}</strong>
+              <small>{{ item.itemType }}</small>
+            </div>
+            <div class="col owner">{{ item.sharedBy }}</div>
+            <div class="col permission">{{ item.permission }}</div>
+            <div class="col date">{{ new Date(item.sharedAt).toLocaleString() }}</div>
+            <div class="col action" @click.stop>
+              <button class="primary-btn" @click="handleAcceptOne(item)">Accept</button>
+            </div>
+          </div>
         </div>
-        <div class="list-cell shared-by-cell">{{ item.sharedBy }}</div>
-        <div class="list-cell permission-cell">{{ item.permission }}</div>
-        <div class="list-cell size-cell">{{ item.size ? (item.size / 1024).toFixed(1) + ' KB' : '--' }}</div>
-        <div class="list-cell shared-at-cell">{{ new Date(item.sharedAt).toLocaleDateString() }}</div>
-        <div class="list-cell actions-cell" @click.stop>
-          <button @click="handleAddItemToMyFiles(item)" class="action-btn">
-            Add to My Files
-          </button>
+      </template>
+
+      <template v-else>
+        <div v-if="!myShares.length" class="state">No share links created yet.</div>
+
+        <div v-else class="list">
+          <div class="list-header links">
+            <div class="col name">Resource</div>
+            <div class="col link">Share link</div>
+            <div class="col stats">Views / Downloads</div>
+            <div class="col date">Created at</div>
+            <div class="col action" />
+          </div>
+
+          <div v-for="share in myShares" :key="share.shareId" class="list-row links">
+            <div class="col name">
+              <strong>{{ share.itemInfo.name }}</strong>
+              <small>{{ share.itemType }}</small>
+            </div>
+            <div class="col link"><code>{{ share.shareLink }}</code></div>
+            <div class="col stats">{{ share.visitCount || 0 }} / {{ share.downloadCount || 0 }}</div>
+            <div class="col date">{{ new Date(share.createdAt).toLocaleString() }}</div>
+            <div class="col action action-buttons">
+              <button class="secondary-btn" @click="copyShareLink(share)">Copy</button>
+              <button class="danger-btn" @click="handleDeleteShare(share)">Delete</button>
+            </div>
+          </div>
         </div>
-      </div>
+      </template>
     </div>
-  </div>
+  </section>
 </template>
 
 <style scoped>
-.shared-with-me-page {
-  padding: var(--spacing-lg);
+.shared-page {
+  display: flex;
+  flex-direction: column;
+  gap: var(--spacing-md);
+  height: 100%;
 }
+
 .page-header {
-  margin-bottom: var(--spacing-lg);
+  display: flex;
+  align-items: center;
+  justify-content: space-between;
+  gap: var(--spacing-md);
+  flex-wrap: wrap;
 }
-.loading-indicator, .empty-state {
-  text-align: center;
-  margin-top: 4rem;
+
+.page-header p {
+  margin: 4px 0 0;
   color: var(--color-text-secondary);
 }
-.shared-list {
+
+.tabs {
+  display: inline-flex;
+  border: 1px solid var(--color-border);
+  background-color: var(--color-bg-tertiary);
+  border-radius: 10px;
+  padding: 2px;
+}
+
+.tabs button {
+  min-width: 130px;
+  height: 34px;
+  border-radius: 8px;
+  border: none;
+  background: transparent;
+  cursor: pointer;
+}
+
+.tabs button.active {
+  background-color: var(--color-bg-primary);
+  box-shadow: var(--shadow-sm);
+}
+
+.shared-card {
+  flex: 1;
+  min-height: 0;
+  border: 1px solid var(--color-border);
+  border-radius: var(--border-radius-md);
+  background-color: var(--color-bg-secondary);
+  padding: var(--spacing-md);
+  overflow: auto;
+}
+
+.batch-bar {
+  display: inline-flex;
+  align-items: center;
+  gap: 10px;
+  margin-bottom: var(--spacing-sm);
+  padding: 6px 10px;
+  border-radius: 8px;
+  border: 1px solid var(--color-border);
+  background-color: var(--color-bg-tertiary);
+}
+
+.state {
+  min-height: 240px;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  color: var(--color-text-tertiary);
+}
+
+.list {
   display: flex;
   flex-direction: column;
+  gap: 6px;
 }
-.list-header, .list-item {
+
+.list-header,
+.list-row {
   display: grid;
-  grid-template-columns: 40px 2fr 1fr 1fr 1fr 1fr 1fr;
-  gap: var(--spacing-md);
+  grid-template-columns: 46px 1.6fr 1fr 0.8fr 1.2fr 140px;
   align-items: center;
-  padding: var(--spacing-sm) var(--spacing-md);
+  gap: var(--spacing-sm);
 }
+
 .list-header {
-  border-bottom: 1px solid var(--color-border);
-  font-weight: var(--font-weight-medium);
-  color: var(--color-text-secondary);
+  font-size: 12px;
+  color: var(--color-text-tertiary);
+  padding: 0 8px;
 }
-.list-item {
-  border-radius: var(--border-radius-md);
-  cursor: pointer;
+
+.list-row {
+  min-height: 50px;
+  padding: 4px 8px;
+  border-radius: 8px;
+  border: 1px solid transparent;
 }
-.list-item:hover {
+
+.list-row:hover {
   background-color: var(--color-bg-tertiary);
 }
-.list-item.selected {
+
+.list-row.selected {
   background-color: var(--color-primary-light);
+  border-color: rgba(var(--color-primary-rgb), 0.3);
 }
-.list-item .item-checkbox {
-  opacity: 1; /* Always visible in this view */
-}
-.name-cell {
+
+.col.name {
   display: flex;
-  align-items: center;
-  gap: var(--spacing-sm);
+  flex-direction: column;
+  min-width: 0;
 }
-.item-icon-small {
-  width: 24px;
-  height: 24px;
+
+.col.name strong,
+.col.name small {
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
 }
-.actions-cell {
-  text-align: right;
+
+.col.name small {
+  color: var(--color-text-tertiary);
 }
-.action-btn {
-  background-color: var(--color-primary);
-  color: var(--color-text-on-primary);
-  border: none;
-  border-radius: var(--border-radius-md);
-  padding: var(--spacing-xs) var(--spacing-sm);
-  cursor: pointer;
+
+.list-header.links,
+.list-row.links {
+  grid-template-columns: 1.4fr 0.9fr 0.8fr 1fr 170px;
 }
 
-.batch-actions {
+.action-buttons {
   display: flex;
-  align-items: center;
-  gap: var(--spacing-sm);
-  padding: var(--spacing-xs) var(--spacing-sm);
-  border: 1px solid var(--color-border);
-  border-radius: var(--border-radius-md);
-  background-color: var(--color-bg-secondary);
-}
-.batch-actions span {
-  font-weight: var(--font-weight-medium);
-  color: var(--color-text-secondary);
+  justify-content: flex-end;
+  gap: 8px;
 }
-.batch-action-btn {
-  padding: var(--spacing-xs) var(--spacing-sm);
-  border-radius: var(--border-radius-sm);
+
+.primary-btn,
+.secondary-btn,
+.danger-btn {
+  height: 30px;
+  border-radius: 8px;
   border: 1px solid transparent;
+  padding: 0 10px;
+  cursor: pointer;
+}
+
+.primary-btn {
   background-color: var(--color-primary);
   color: var(--color-text-on-primary);
-  cursor: pointer;
-  transition: all var(--transition-base);
 }
-</style> 
\ No newline at end of file
+
+.secondary-btn {
+  background-color: var(--color-bg-primary);
+  border-color: var(--color-border);
+}
+
+.danger-btn {
+  background-color: var(--color-danger-light);
+  border-color: #fca5a5;
+  color: var(--color-danger-dark);
+}
+
+code {
+  background-color: var(--color-bg-tertiary);
+  border: 1px solid var(--color-border);
+  padding: 2px 6px;
+  border-radius: 6px;
+}
+
+@media (max-width: 960px) {
+  .list-header,
+  .list-row,
+  .list-header.links,
+  .list-row.links {
+    grid-template-columns: 40px 1fr 0;
+  }
+
+  .col.owner,
+  .col.permission,
+  .col.date,
+  .col.stats,
+  .col.link,
+  .col.action {
+    display: none;
+  }
+
+  .col.action.action-buttons {
+    display: flex;
+    grid-column: 1 / -1;
+    justify-content: flex-start;
+  }
+}
+</style>
diff --git a/web/src/pages/trash/Trash.vue b/web/src/pages/trash/Trash.vue
index 5b62b0d..a8cc620 100644
--- a/web/src/pages/trash/Trash.vue
+++ b/web/src/pages/trash/Trash.vue
@@ -1,6 +1,6 @@
 <script setup lang="ts">
-import { ref, onMounted } from 'vue';
-import { getRecycleBin, restoreItem, permanentDelete } from '../../api/recycle';
+import { onMounted, ref } from 'vue';
+import { clearRecycleBin, getRecycleBin, permanentDelete, restoreItem } from '../../api/recycle';
 import type { RecycleBinItem } from '../../types/file';
 import { getIconForFile } from '../../utils/fileIcons';
 import { eventBus } from '../../utils/eventBus';
@@ -14,190 +14,224 @@ const fetchItems = async () => {
     const response = await getRecycleBin({});
     items.value = response.items;
   } catch (error) {
-    console.error('Failed to fetch recycle bin items:', error);
-    alert('Could not load trash items.');
+    console.error('Failed to load recycle bin items', error);
   } finally {
     isLoading.value = false;
   }
 };
 
 const handleRestore = async (item: RecycleBinItem) => {
-  if (!confirm(`Are you sure you want to restore "${item.name}"?`)) return;
+  const confirmed = window.confirm(`Restore \"${item.name}\"?`);
+  if (!confirmed) return;
+
   try {
     await restoreItem(item.id, { itemType: item.itemType });
-    items.value = items.value.filter(i => i.id !== item.id);
+    items.value = items.value.filter((entry) => entry.id !== item.id);
     eventBus.emit('refresh-file-tree');
-    alert('Item restored successfully.');
   } catch (error) {
-    console.error('Failed to restore item:', error);
-    alert('Could not restore item.');
+    console.error('Restore failed', error);
   }
 };
 
 const handlePermanentDelete = async (item: RecycleBinItem) => {
-  if (!confirm(`This action is permanent. Are you sure you want to permanently delete "${item.name}"?`)) return;
+  const confirmed = window.confirm(`Permanently delete \"${item.name}\"? This cannot be undone.`);
+  if (!confirmed) return;
+
   try {
     await permanentDelete(item.id, item.itemType);
-    items.value = items.value.filter(i => i.id !== item.id);
-    alert('Item permanently deleted.');
+    items.value = items.value.filter((entry) => entry.id !== item.id);
+  } catch (error) {
+    console.error('Permanent delete failed', error);
+  }
+};
+
+const handleClearAll = async () => {
+  if (!items.value.length) return;
+  const confirmed = window.confirm('Clear entire recycle bin? This cannot be undone.');
+  if (!confirmed) return;
+
+  try {
+    await clearRecycleBin();
+    items.value = [];
   } catch (error) {
-    console.error('Failed to permanently delete item:', error);
-    alert('Could not permanently delete item.');
+    console.error('Clear recycle bin failed', error);
   }
 };
 
-onMounted(() => {
-  fetchItems();
-});
+onMounted(fetchItems);
 </script>
 
 <template>
-  <div class="trash-page">
+  <section class="trash-page">
     <header class="page-header">
-      <h1>Recycle Bin</h1>
-      <p>Items in the recycle bin will be permanently deleted after 30 days.</p>
-    </header>
-    
-    <div class="trash-list-container">
-      <div v-if="isLoading" class="loading-indicator">Loading...</div>
-      
-      <div v-else-if="items.length === 0" class="empty-trash">
-        <div class="empty-trash-icon">🗑️</div>
-        <p>Your recycle bin is empty.</p>
+      <div>
+        <h1>Recycle Bin</h1>
+        <p>Items are kept for up to 30 days before automatic cleanup.</p>
       </div>
+      <button class="clear-btn" :disabled="!items.length" @click="handleClearAll">Clear Bin</button>
+    </header>
+
+    <div class="trash-card">
+      <div v-if="isLoading" class="state">Loading...</div>
+
+      <div v-else-if="items.length === 0" class="state">Recycle bin is empty.</div>
 
       <div v-else class="trash-list">
-        <!-- List Header -->
         <div class="list-header">
-          <div class="list-cell name">Name</div>
-          <div class="list-cell path">Original Location</div>
-          <div class="list-cell deleted-at">Date Deleted</div>
-          <div class="list-cell expires-in">Expires In</div>
-          <div class="list-cell actions"></div>
+          <div class="col name">Name</div>
+          <div class="col path">Original location</div>
+          <div class="col deleted">Deleted at</div>
+          <div class="col expire">Expires in</div>
+          <div class="col action" />
         </div>
-        <!-- List Body -->
-        <div v-for="item in items" :key="item.id" class="list-item">
-          <div class="list-cell name-cell">
-            <img :src="getIconForFile(item.name)" alt="" class="item-icon-small" />
-            <span class="item-name">{{ item.name }}</span>
+
+        <div v-for="item in items" :key="item.id" class="list-row">
+          <div class="col name name-cell">
+            <img :src="getIconForFile(item.name)" alt="" class="icon" />
+            <span>{{ item.name }}</span>
           </div>
-          <div class="list-cell path-cell">{{ item.originalPath }}</div>
-          <div class="list-cell deleted-at-cell">{{ new Date(item.deletedAt).toLocaleDateString() }}</div>
-          <div class="list-cell expires-in-cell">{{ item.daysUntilPermanentDelete }} days</div>
-          <div class="list-cell actions-cell">
-            <button @click="handleRestore(item)" class="action-btn restore-btn" title="Restore">
-              <span>♻️</span>
-            </button>
-            <button @click="handlePermanentDelete(item)" class="action-btn delete-btn" title="Delete Permanently">
-              <span>❌</span>
-            </button>
+          <div class="col path">{{ item.originalPath }}</div>
+          <div class="col deleted">{{ new Date(item.deletedAt).toLocaleString() }}</div>
+          <div class="col expire">{{ item.daysUntilPermanentDelete }} days</div>
+          <div class="col action action-cell">
+            <button class="secondary-btn" @click="handleRestore(item)">Restore</button>
+            <button class="danger-btn" @click="handlePermanentDelete(item)">Delete</button>
           </div>
         </div>
       </div>
     </div>
-  </div>
+  </section>
 </template>
 
 <style scoped>
 .trash-page {
-  padding: var(--spacing-lg);
   display: flex;
   flex-direction: column;
+  gap: var(--spacing-md);
   height: 100%;
 }
 
 .page-header {
-  margin-bottom: var(--spacing-lg);
-}
-.page-header h1 {
-    font-size: 1.8rem;
-    font-weight: var(--font-weight-bold);
-    color: var(--color-text-primary);
+  display: flex;
+  align-items: center;
+  justify-content: space-between;
+  gap: var(--spacing-md);
+  flex-wrap: wrap;
 }
+
 .page-header p {
-    color: var(--color-text-secondary);
-    font-size: var(--font-size-base);
+  margin: 4px 0 0;
+  color: var(--color-text-secondary);
 }
 
-.trash-list-container {
-  flex-grow: 1;
+.clear-btn,
+.secondary-btn,
+.danger-btn {
+  height: 32px;
+  border-radius: 8px;
+  border: 1px solid transparent;
+  padding: 0 12px;
+  cursor: pointer;
+}
+
+.clear-btn,
+.secondary-btn {
+  background-color: var(--color-bg-primary);
+  border-color: var(--color-border);
+}
+
+.danger-btn {
+  background-color: var(--color-danger-light);
+  color: var(--color-danger-dark);
+  border-color: #fca5a5;
+}
+
+.trash-card {
+  flex: 1;
+  min-height: 0;
+  border: 1px solid var(--color-border);
+  border-radius: var(--border-radius-md);
   background-color: var(--color-bg-secondary);
-  border-radius: var(--border-radius-lg);
   padding: var(--spacing-md);
-  overflow-y: auto;
+  overflow: auto;
 }
 
-.empty-trash {
-    display: flex;
-    flex-direction: column;
-    align-items: center;
-    justify-content: center;
-    height: 100%;
-    color: var(--color-text-secondary);
-}
-.empty-trash-icon {
-    font-size: 4rem;
-    margin-bottom: var(--spacing-md);
+.state {
+  min-height: 240px;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  color: var(--color-text-tertiary);
 }
 
 .trash-list {
   display: flex;
   flex-direction: column;
+  gap: 6px;
 }
 
-.list-header, .list-item {
+.list-header,
+.list-row {
   display: grid;
-  grid-template-columns: 2fr 2fr 1fr 1fr 100px;
-  gap: var(--spacing-md);
+  grid-template-columns: 1.4fr 1.3fr 1fr 0.7fr 220px;
+  gap: var(--spacing-sm);
   align-items: center;
-  padding: var(--spacing-sm) var(--spacing-md);
-  border-bottom: 1px solid var(--color-border);
 }
 
 .list-header {
-  font-weight: var(--font-weight-medium);
-  color: var(--color-text-secondary);
+  color: var(--color-text-tertiary);
+  font-size: 12px;
+  padding: 0 8px;
 }
 
-.list-item:hover {
+.list-row {
+  min-height: 48px;
+  border: 1px solid transparent;
+  border-radius: 8px;
+  padding: 4px 8px;
+}
+
+.list-row:hover {
   background-color: var(--color-bg-tertiary);
 }
 
 .name-cell {
   display: flex;
   align-items: center;
-  gap: var(--spacing-sm);
-  font-weight: var(--font-weight-medium);
-}
-.item-icon-small {
-  width: 24px;
-  height: 24px;
-}
-.path-cell {
-    color: var(--color-text-secondary);
+  gap: 8px;
+  min-width: 0;
 }
-.deleted-at-cell {
-    color: var(--color-text-secondary);
+
+.name-cell span {
+  overflow: hidden;
+  text-overflow: ellipsis;
+  white-space: nowrap;
 }
-.expires-in-cell {
-    color: var(--color-danger);
+
+.icon {
+  width: 22px;
+  height: 22px;
 }
 
-.actions-cell {
+.action-cell {
   display: flex;
   justify-content: flex-end;
-  gap: var(--spacing-sm);
+  gap: 8px;
 }
-.action-btn {
-  background: transparent;
-  border: 1px solid transparent;
-  border-radius: var(--border-radius-sm);
-  padding: var(--spacing-xs);
-  cursor: pointer;
-  transition: all var(--transition-base);
-}
-.action-btn:hover {
-  background-color: var(--color-bg-tertiary);
-  border-color: var(--color-border-hover);
+
+@media (max-width: 980px) {
+  .list-header,
+  .list-row {
+    grid-template-columns: 1.3fr 1fr 0.8fr 0;
+  }
+
+  .col.action {
+    display: none;
+  }
+
+  .action-cell {
+    grid-column: 1 / -1;
+    justify-content: flex-start;
+  }
 }
-</style> 
\ No newline at end of file
+</style>
diff --git a/web/src/style.css b/web/src/style.css
index 39ef4c1..e5806f1 100644
--- a/web/src/style.css
+++ b/web/src/style.css
@@ -1,106 +1,122 @@
-/* ==========================================================================
-   # App-wide Styles
-   - 全局CSS变量 (主题、字体、布局)
-   - 基础元素重置
-   - 通用工具类
-   ========================================================================== */
-
-/* --------------------------------------------------------------------------
-   ## CSS Variables (Design Tokens)
-   - 使用 :root 定义浅色主题
-   - 使用 .dark-theme 定义深色主题
-   - 使用 `var(--variable-name)` 在组件中使用
-   -------------------------------------------------------------------------- */
+@import url('https://fonts.googleapis.com/css2?family=JetBrains+Mono:wght@400;500&family=Manrope:wght@400;500;600;700;800&display=swap');
 
 :root {
-  /* -- Font & Text -- */
-  --font-family-sans: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif;
+  --font-family-sans: 'Manrope', 'Noto Sans SC', 'PingFang SC', 'Microsoft YaHei', sans-serif;
+  --font-family-mono: 'JetBrains Mono', 'Consolas', 'Monaco', monospace;
   --font-size-base: 14px;
+  --font-size-lg: 16px;
+  --font-size-xl: 20px;
   --font-weight-normal: 400;
   --font-weight-medium: 500;
   --font-weight-semibold: 600;
+  --font-weight-bold: 700;
   --line-height-base: 1.6;
 
-  /* -- Colors: Light Theme (Airy &灵动) -- */
-  --color-primary: #3b82f6; /* 主色调: 柔和的蓝色 */
-  --color-primary-hover: #2563eb;
-  --color-primary-light: #eff6ff;
-  
-  --color-bg-base: #f8fafc;        /* 主背景色: 非常浅的灰蓝色，几乎是白色 */
-  --color-bg-secondary: #ffffff;  /* 侧边栏/卡片背景: 纯白，营造层次感 */
-  --color-bg-tertiary: #f1f5f9;   /* 悬浮/选中背景: 稍深的灰 */
-
-  --color-border: #e2e8f0;         /* 边框颜色: 非常柔和的灰色 */
-  --color-divider: #f1f5f9;        /* 分割线颜色 */
-  
-  --color-text-primary: #0f172a;    /* 主要文字: 深灰色，非纯黑，更柔和 */
-  --color-text-secondary: #475569;  /* 次要文字 */
-  --color-text-tertiary: #94a3b8;   /* 辅助/占位文字 */
-  --color-text-on-primary: #ffffff; /* 主色调按钮上的文字 */
-
-  /* -- Layout & Spacing -- */
-  --layout-header-height: 60px;
-  --layout-footer-height: 48px;
-  --sidebar-width-open: 260px;
-  --sidebar-width-collapsed: 80px;
-  --sidebar-right-width: 320px;
-  
+  --color-primary: #0b6cff;
+  --color-primary-rgb: 11, 108, 255;
+  --color-primary-hover: #0054d1;
+  --color-primary-light: #e7f0ff;
+  --color-primary-dark: #0d3a8c;
+  --color-success: #15a06a;
+  --color-warning: #f59e0b;
+  --color-danger: #dc2626;
+  --color-danger-dark: #b91c1c;
+  --color-danger-light: #fee2e2;
+
+  --color-bg-base: #f4f7fb;
+  --color-bg-primary: #ffffff;
+  --color-bg-secondary: #ffffff;
+  --color-bg-tertiary: #edf2fb;
+  --color-bg-quaternary: #dde6f3;
+
+  --color-border: #d9e3f0;
+  --color-border-hover: #b8c8df;
+  --color-divider: #e6eef9;
+
+  --color-text-primary: #0f172a;
+  --color-text-secondary: #334155;
+  --color-text-tertiary: #64748b;
+  --color-text-quaternary: #94a3b8;
+  --color-text-on-primary: #ffffff;
+
+  --layout-header-height: 64px;
+  --layout-footer-height: 42px;
+  --sidebar-left-width: 276px;
+  --sidebar-left-collapsed-width: 86px;
+  --sidebar-right-width: 360px;
+
   --spacing-unit: 8px;
-  --spacing-xs: calc(var(--spacing-unit) * 0.5);   /* 4px */
-  --spacing-sm: var(--spacing-unit);             /* 8px */
-  --spacing-md: calc(var(--spacing-unit) * 2);   /* 16px */
-  --spacing-lg: calc(var(--spacing-unit) * 3);   /* 24px */
-  --spacing-xl: calc(var(--spacing-unit) * 4);   /* 32px */
-
-  /* -- Borders & Radius -- */
-  --border-radius-sm: 4px;
-  --border-radius-md: 8px;
-  --border-radius-lg: 12px;
-
-  /* -- Transitions & Shadows -- */
-  --transition-base: all 0.2s cubic-bezier(0.4, 0, 0.2, 1);
-  --shadow-sm: 0 1px 2px 0 rgba(0, 0, 0, 0.05);
-  --shadow-md: 0 4px 6px -1px rgba(0, 0, 0, 0.1), 0 2px 4px -2px rgba(0, 0, 0, 0.1);
+  --spacing-xs: calc(var(--spacing-unit) * 0.5);
+  --spacing-sm: var(--spacing-unit);
+  --spacing-md: calc(var(--spacing-unit) * 2);
+  --spacing-lg: calc(var(--spacing-unit) * 3);
+  --spacing-xl: calc(var(--spacing-unit) * 4);
+
+  --border-radius-sm: 6px;
+  --border-radius-md: 10px;
+  --border-radius-lg: 14px;
+
+  --transition-base: all 0.2s ease;
+  --shadow-sm: 0 1px 2px rgba(15, 23, 42, 0.08);
+  --shadow-md: 0 8px 24px rgba(15, 23, 42, 0.08);
+  --shadow-lg: 0 18px 32px rgba(15, 23, 42, 0.12);
+  --shadow-xl: 0 26px 48px rgba(15, 23, 42, 0.16);
 }
 
 .dark-theme {
-  --color-primary: #60a5fa;
-  --color-primary-hover: #93c5fd;
-  --color-primary-light: rgba(59, 130, 246, 0.1);
-
-  --color-bg-base: #0f172a;       /* 深邃的蓝黑色 */
-  --color-bg-secondary: #1e293b;  /* 卡片/侧边栏背景 */
-  --color-bg-tertiary: #334155;  /* 悬浮/选中背景 */
-  
-  --color-border: #334155;
-  --color-divider: #334155;
-  
-  --color-text-primary: #f8fafc;
-  --color-text-secondary: #cbd5e1;
-  --color-text-tertiary: #64748b;
-  --color-text-on-primary: #ffffff;
+  --color-primary: #5ca4ff;
+  --color-primary-rgb: 92, 164, 255;
+  --color-primary-hover: #3d90f5;
+  --color-primary-light: rgba(92, 164, 255, 0.18);
+  --color-primary-dark: #9dc8ff;
+
+  --color-bg-base: #0b1220;
+  --color-bg-primary: #101a2b;
+  --color-bg-secondary: #111c2f;
+  --color-bg-tertiary: #1a2840;
+  --color-bg-quaternary: #243653;
+
+  --color-border: #24364f;
+  --color-border-hover: #34507a;
+  --color-divider: #1d2e47;
+
+  --color-text-primary: #eef5ff;
+  --color-text-secondary: #d0def2;
+  --color-text-tertiary: #9eb4d3;
+  --color-text-quaternary: #7d95b7;
+  --color-text-on-primary: #081427;
+
+  --shadow-sm: 0 1px 2px rgba(0, 0, 0, 0.25);
+  --shadow-md: 0 8px 24px rgba(0, 0, 0, 0.32);
+  --shadow-lg: 0 18px 32px rgba(0, 0, 0, 0.4);
+  --shadow-xl: 0 26px 48px rgba(0, 0, 0, 0.48);
 }
 
-/* --------------------------------------------------------------------------
-   ## Base Element Styling
-   -------------------------------------------------------------------------- */
-
 *,
 *::before,
 *::after {
   box-sizing: border-box;
 }
 
+html,
+body {
+  width: 100%;
+  height: 100%;
+}
+
 body {
   margin: 0;
   font-family: var(--font-family-sans);
   font-size: var(--font-size-base);
   line-height: var(--line-height-base);
   color: var(--color-text-primary);
-  background-color: var(--color-bg-base);
+  background:
+    radial-gradient(1200px 800px at 0% -20%, rgba(var(--color-primary-rgb), 0.1), transparent 60%),
+    radial-gradient(1000px 700px at 100% 120%, rgba(var(--color-primary-rgb), 0.08), transparent 55%),
+    var(--color-bg-base);
   -webkit-font-smoothing: antialiased;
   -moz-osx-font-smoothing: grayscale;
-  transition: background-color var(--transition-base), color var(--transition-base);
+  transition: background-color 0.2s ease, color 0.2s ease;
 }
 
 #app {
@@ -112,21 +128,31 @@ body {
 a {
   color: var(--color-primary);
   text-decoration: none;
-  transition: color var(--transition-base);
+  transition: color 0.2s ease;
 }
+
 a:hover {
   color: var(--color-primary-hover);
 }
 
-h1, h2, h3, h4, h5, h6 {
+h1,
+h2,
+h3,
+h4,
+h5,
+h6 {
   margin: 0;
-  font-weight: var(--font-weight-semibold);
   color: var(--color-text-primary);
+  font-weight: var(--font-weight-semibold);
 }
 
-/* --------------------------------------------------------------------------
-   ## Utility Classes
-   -------------------------------------------------------------------------- */
+button,
+input,
+textarea,
+select {
+  font: inherit;
+  color: inherit;
+}
 
 .visually-hidden {
   position: absolute;

From 0d621abefaccc19af86780bbc17616ebdc693f9a Mon Sep 17 00:00:00 2001
From: 0neStep <146049978+AperturePlus@users.noreply.github.com>
Date: Sat, 21 Mar 2026 16:17:00 +0800
Subject: [PATCH 6/8] feat(web-core): add admin audit and system api contracts

---
 web/src/api/file.ts       | 12 +++++++++++-
 web/src/api/share.ts      |  7 ++++++-
 web/src/api/storage.ts    | 10 ++++++++++
 web/src/api/system.ts     | 10 ++++++++++
 web/src/types/file.d.ts   | 22 ++++++++++++++++++++++
 web/src/types/share.d.ts  |  9 ++++++++-
 web/src/types/system.d.ts | 24 ++++++++++++++++++++++++
 web/src/types/user.d.ts   |  5 +++++
 8 files changed, 96 insertions(+), 3 deletions(-)
 create mode 100644 web/src/api/system.ts
 create mode 100644 web/src/types/system.d.ts

diff --git a/web/src/api/file.ts b/web/src/api/file.ts
index 8e724a6..144590e 100644
--- a/web/src/api/file.ts
+++ b/web/src/api/file.ts
@@ -14,7 +14,9 @@ import type {
   UploadPreflightRequest,
   UploadPreflightResponse,
   MergeChunksRequest,
-  MergeChunksResponse
+  MergeChunksResponse,
+  AdminFileAuditItem,
+  GetAdminFilesRequest,
 } from '../types/file';
 
 // 上传相关API
@@ -170,3 +172,11 @@ interface ResponseData {
   action: string; 
   succeeded: number;
 }
+
+export const getAdminFiles = (params: GetAdminFilesRequest) => {
+  return http.get<PaginatedData<AdminFileAuditItem>>('/admin/files', params);
+};
+
+export const rescanAdminFile = (fileId: string) => {
+  return http.post<{ fileId: string; virusStatus: 'clean' | 'pending' | 'flagged'; scannedAt: string }>(`/admin/files/${fileId}/rescan`);
+};
diff --git a/web/src/api/share.ts b/web/src/api/share.ts
index 45f0de0..9cf6da6 100644
--- a/web/src/api/share.ts
+++ b/web/src/api/share.ts
@@ -6,7 +6,8 @@ import type {
   AccessShareRequest,
   AccessShareResponseData,
   GetSharedItemsRequest,
-  SharedItem
+  SharedItem,
+  UpdateShareSettingsRequest,
 } from '../types/share';
 
 /**
@@ -55,6 +56,10 @@ export const deleteShare = (shareLink: string) => {
   return http.delete<{ shareId: string; shareLink: string; deletedAt: string }>(`/shares/${shareLink}`);
 };
 
+export const updateShareSettings = (shareLink: string, data: UpdateShareSettingsRequest) => {
+  return http.patch<Share>(`/shares/${shareLink}/settings`, data);
+};
+
 /**
  * 获取与我共享的项目列表
  * @param params 查询参数
diff --git a/web/src/api/storage.ts b/web/src/api/storage.ts
index 6430771..b8f5b53 100644
--- a/web/src/api/storage.ts
+++ b/web/src/api/storage.ts
@@ -36,3 +36,13 @@ export const getUsageTrend = (params: GetUsageTrendRequest) => {
 export const getStorageUsers = () => {
   return http.get<any>('/admin/storage/users');
 };
+
+export const updateStorageQuota = (userId: string, storageLimit: number) => {
+  return http.patch<{
+    userId: string;
+    storageLimit: number;
+    storageUsed: number;
+    usagePercentage: number;
+    updatedAt: string;
+  }>(`/admin/storage/users/${userId}/quota`, { storageLimit });
+};
diff --git a/web/src/api/system.ts b/web/src/api/system.ts
new file mode 100644
index 0000000..6403993
--- /dev/null
+++ b/web/src/api/system.ts
@@ -0,0 +1,10 @@
+import http from '../utils/http';
+import type { SystemHealth, RateLimitStatus } from '../types/system';
+
+export const getSystemHealth = () => {
+  return http.get<SystemHealth>('/admin/system/health');
+};
+
+export const getRateLimitStatus = () => {
+  return http.get<RateLimitStatus>('/admin/system/rate-limit');
+};
diff --git a/web/src/types/file.d.ts b/web/src/types/file.d.ts
index 45b8ed4..a35f793 100644
--- a/web/src/types/file.d.ts
+++ b/web/src/types/file.d.ts
@@ -333,3 +333,25 @@ export interface GetRecycleBinRequest {
   perPage?: number;
   itemType?: 'file' | 'folder';
 }
+
+export interface AdminFileAuditItem {
+  id: string;
+  name: string;
+  size: number;
+  mimeType: string;
+  hash: string;
+  virusStatus: 'clean' | 'pending' | 'flagged';
+  isShared: boolean;
+  ownerName: string;
+  updatedAt: string;
+  createdAt: string;
+}
+
+export interface GetAdminFilesRequest {
+  page?: number;
+  perPage?: number;
+  search?: string;
+  virusStatus?: 'clean' | 'pending' | 'flagged';
+  sort?: 'name' | 'size' | 'createdAt' | 'updatedAt';
+  order?: 'asc' | 'desc';
+}
diff --git a/web/src/types/share.d.ts b/web/src/types/share.d.ts
index 153cdd1..bad2152 100644
--- a/web/src/types/share.d.ts
+++ b/web/src/types/share.d.ts
@@ -137,4 +137,11 @@ export interface GetSharedItemsRequest {
   perPage?: number;
   sort?: 'name' | 'size' | 'sharedAt' | 'sharedBy';
   order?: 'asc' | 'desc';
-}
\ No newline at end of file
+}
+
+export interface UpdateShareSettingsRequest {
+  passwordProtected?: boolean;
+  expireAt?: string | null;
+  allowDownload?: boolean;
+  allowPreview?: boolean;
+}
diff --git a/web/src/types/system.d.ts b/web/src/types/system.d.ts
new file mode 100644
index 0000000..ebfbc6b
--- /dev/null
+++ b/web/src/types/system.d.ts
@@ -0,0 +1,24 @@
+export interface SystemHealth {
+  platformTargets: string[];
+  maxConcurrentUploads: number;
+  activeUploadSessions: number;
+  virusScanEnabled: boolean;
+  thumbnailGenerationEnabled: boolean;
+  registrationMailEnabled: boolean;
+  hashComputationEnabled: boolean;
+  lastUpdatedAt: string;
+}
+
+export interface RateLimitRule {
+  ruleId: string;
+  scope: string;
+  windowSeconds: number;
+  limit: number;
+  currentUsage: number;
+  blockedRequests: number;
+}
+
+export interface RateLimitStatus {
+  rules: RateLimitRule[];
+  evaluatedAt: string;
+}
diff --git a/web/src/types/user.d.ts b/web/src/types/user.d.ts
index 6c509a1..4d8e787 100644
--- a/web/src/types/user.d.ts
+++ b/web/src/types/user.d.ts
@@ -7,6 +7,9 @@
  * @property {number} storageUsed - 已用存储
  * @property {string} createdAt - 创建时间
  */
+export type UserRole = 'user' | 'admin';
+export type UserStatus = 'active' | 'suspended';
+
 export interface User{
     userId: string;
     username: string;
@@ -15,6 +18,8 @@ export interface User{
     storageUsed: number;
     //status: 'active' | 'banned' | 'inactive;
     createdAt: string;
+    role?: UserRole;
+    status?: UserStatus;
 }
 
 /**

From 8c269f7b58df66076a9bc303ac9205d6b72dc481 Mon Sep 17 00:00:00 2001
From: 0neStep <146049978+AperturePlus@users.noreply.github.com>
Date: Sat, 21 Mar 2026 16:17:06 +0800
Subject: [PATCH 7/8] feat(mock): support role-aware auth and admin system
 endpoints

---
 web/src/mock/handlers/auth.ts    |  30 +++++---
 web/src/mock/handlers/file.ts    | 121 ++++++++++++++++++++++++++++++-
 web/src/mock/handlers/share.ts   |  52 ++++++++++++-
 web/src/mock/handlers/storage.ts |  44 ++++++++++-
 web/src/mock/handlers/system.ts  |  58 +++++++++++++++
 web/src/mock/handlers/user.ts    |  30 ++++++--
 web/src/mock/index.ts            |   2 +
 web/src/mock/state.ts            |  36 +++++++--
 8 files changed, 346 insertions(+), 27 deletions(-)
 create mode 100644 web/src/mock/handlers/system.ts

diff --git a/web/src/mock/handlers/auth.ts b/web/src/mock/handlers/auth.ts
index 3c6b29d..634df2a 100644
--- a/web/src/mock/handlers/auth.ts
+++ b/web/src/mock/handlers/auth.ts
@@ -1,5 +1,5 @@
 import Mock from 'mockjs';
-import { addLog, addNotification, createMockId, mockUsers } from '../state';
+import { addLog, addNotification, createMockId, getCurrentUser, mockUsers, setCurrentUser } from '../state';
 
 export const setupAuthMocks = () => {
   Mock.mock(/\/api\/v1\/auth\/login/, 'post', (options) => {
@@ -9,7 +9,7 @@ export const setupAuthMocks = () => {
       user.email.toLowerCase() === String(username || '').toLowerCase(),
     );
 
-    if (!targetUser || !password) {
+    if (!targetUser || !password || targetUser.password !== password) {
       return {
         success: false,
         code: 401,
@@ -27,6 +27,7 @@ export const setupAuthMocks = () => {
       };
     }
 
+    setCurrentUser(targetUser.userId);
     addLog('user_login', { userId: targetUser.userId, username: targetUser.username });
 
     return {
@@ -45,19 +46,21 @@ export const setupAuthMocks = () => {
           storageLimit: targetUser.storageLimit,
           storageUsed: targetUser.storageUsed,
           createdAt: targetUser.createdAt,
+          role: targetUser.role,
+          status: targetUser.status,
         },
       },
     };
   });
 
   Mock.mock(/\/api\/v1\/auth\/register/, 'post', (options) => {
-    const { username, email } = JSON.parse(options.body || '{}');
+    const { username, email, password } = JSON.parse(options.body || '{}');
 
-    if (!username || !email) {
+    if (!username || !email || !password) {
       return {
         success: false,
         code: 400,
-        message: 'Username and email are required',
+        message: 'Username, email and password are required',
         data: null,
       };
     }
@@ -85,6 +88,7 @@ export const setupAuthMocks = () => {
       createdAt: new Date().toISOString(),
       status: 'active' as const,
       role: 'user' as const,
+      password,
     };
 
     mockUsers.push(createdUser);
@@ -143,6 +147,7 @@ export const setupAuthMocks = () => {
   });
 
   Mock.mock(/\/api\/v1\/auth\/refresh/, 'post', () => {
+    const user = getCurrentUser();
     return {
       success: true,
       code: 200,
@@ -153,18 +158,21 @@ export const setupAuthMocks = () => {
         expiresIn: 3600,
         refreshToken: `mock-refresh-${createMockId('token')}`,
         user: {
-          userId: mockUsers[0].userId,
-          username: mockUsers[0].username,
-          email: mockUsers[0].email,
-          storageLimit: mockUsers[0].storageLimit,
-          storageUsed: mockUsers[0].storageUsed,
-          createdAt: mockUsers[0].createdAt,
+          userId: user.userId,
+          username: user.username,
+          email: user.email,
+          storageLimit: user.storageLimit,
+          storageUsed: user.storageUsed,
+          createdAt: user.createdAt,
+          role: user.role,
+          status: user.status,
         },
       },
     };
   });
 
   Mock.mock(/\/api\/v1\/auth\/logout/, 'post', () => {
+    setCurrentUser(mockUsers[0].userId);
     addLog('user_logout', { status: 'ok' });
 
     return {
diff --git a/web/src/mock/handlers/file.ts b/web/src/mock/handlers/file.ts
index 6efe1b3..985de1e 100644
--- a/web/src/mock/handlers/file.ts
+++ b/web/src/mock/handlers/file.ts
@@ -1,6 +1,6 @@
 import JSZip from 'jszip';
 import Mock from 'mockjs';
-import { addLog, addNotification } from '../state';
+import { addLog, addNotification, mockShares } from '../state';
 import { vfsApi, type VfsNode } from '../vfs';
 
 function parseUrl(url: string) {
@@ -97,7 +97,126 @@ function getSortedItems(items: VfsNode[], sort: string | null, order: string | n
   });
 }
 
+function paginateItems<T>(items: T[], page = 1, perPage = 20) {
+  const normalizedPage = Math.max(1, Number(page) || 1);
+  const normalizedPerPage = Math.max(1, Number(perPage) || 20);
+  const start = (normalizedPage - 1) * normalizedPerPage;
+  const sliced = items.slice(start, start + normalizedPerPage);
+  const totalPages = Math.max(1, Math.ceil(items.length / normalizedPerPage));
+
+  return {
+    items: sliced,
+    pagination: {
+      totalItems: items.length,
+      totalPages,
+      perPage: normalizedPerPage,
+      currentPage: normalizedPage,
+      hasPrev: normalizedPage > 1,
+      hasNext: normalizedPage < totalPages,
+    },
+  };
+}
+
+function toAdminFileAuditItem(node: VfsNode) {
+  return {
+    id: node.id,
+    name: node.name,
+    size: node.size || 0,
+    mimeType: node.mimeType || 'application/octet-stream',
+    hash: node.hash || `mock-hash-${node.id}`,
+    virusStatus: node.virusStatus || 'pending',
+    isShared: mockShares.some((share) => share.itemType === 'file' && share.itemInfo.id === node.id),
+    ownerName: 'You',
+    updatedAt: node.updatedAt,
+    createdAt: node.createdAt,
+  };
+}
+
 export const setupFileMocks = () => {
+  Mock.mock(/\/api\/v1\/admin\/files(?:\?.*)?$/, 'get', (options) => {
+    const url = parseUrl(options.url);
+    const search = (url.searchParams.get('search') || '').trim().toLowerCase();
+    const virusStatus = url.searchParams.get('virusStatus');
+    const sort = url.searchParams.get('sort');
+    const order = url.searchParams.get('order');
+    const page = Number(url.searchParams.get('page') || 1);
+    const perPage = Number(url.searchParams.get('perPage') || 20);
+
+    const files = Object.values(vfsApi.getAll()).filter((node) => node.type === 'file' && !node.isTrashed);
+    const sortedNodes = getSortedItems(files, sort, order);
+    const filtered = sortedNodes.filter((node) => {
+      if (search && !node.name.toLowerCase().includes(search)) {
+        return false;
+      }
+      if (virusStatus && (node.virusStatus || 'pending') !== virusStatus) {
+        return false;
+      }
+      return true;
+    });
+
+    return {
+      success: true,
+      code: 200,
+      data: paginateItems(filtered.map(toAdminFileAuditItem), page, perPage),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/admin\/files\/([^/]+)$/, 'get', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/admin\/files\/([^/?]+)/) || [])[1];
+    const node = vfsApi.get(fileId);
+
+    if (!node || node.type !== 'file' || node.isTrashed) {
+      return {
+        success: false,
+        code: 404,
+        message: 'File not found',
+        data: null,
+      };
+    }
+
+    return {
+      success: true,
+      code: 200,
+      data: toAdminFileAuditItem(node),
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/admin\/files\/([^/]+)\/rescan$/, 'post', (options) => {
+    const fileId = (options.url.match(/\/api\/v1\/admin\/files\/([^/]+)\/rescan/) || [])[1];
+    const node = vfsApi.get(fileId);
+
+    if (!node || node.type !== 'file' || node.isTrashed) {
+      return {
+        success: false,
+        code: 404,
+        message: 'File not found',
+        data: null,
+      };
+    }
+
+    const normalizedName = node.name.toLowerCase();
+    let nextStatus: 'clean' | 'pending' | 'flagged' = 'clean';
+    if (normalizedName.includes('virus') || normalizedName.includes('suspicious')) {
+      nextStatus = 'flagged';
+    } else if (Math.random() < 0.15) {
+      nextStatus = 'pending';
+    }
+
+    node.virusStatus = nextStatus;
+    node.updatedAt = new Date().toISOString();
+    addLog('virus_scan', { fileId: node.id, fileName: node.name, status: node.virusStatus });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        fileId: node.id,
+        virusStatus: node.virusStatus,
+        scannedAt: node.updatedAt,
+      },
+    };
+  });
+
   Mock.mock(/\/api\/v1\/files\/?(\?.*)?$/, 'get', (options) => {
     const url = parseUrl(options.url);
     const folderId = url.searchParams.get('folderId') || 'root';
diff --git a/web/src/mock/handlers/share.ts b/web/src/mock/handlers/share.ts
index 74f18a2..978949c 100644
--- a/web/src/mock/handlers/share.ts
+++ b/web/src/mock/handlers/share.ts
@@ -125,6 +125,15 @@ export const setupShareMocks = () => {
       };
     }
 
+    if (share.settings.expireAt && new Date(share.settings.expireAt).getTime() < Date.now()) {
+      return {
+        success: false,
+        code: 410,
+        message: 'Share link expired',
+        data: null,
+      };
+    }
+
     share.visitCount = (share.visitCount || 0) + 1;
 
     return {
@@ -136,13 +145,52 @@ export const setupShareMocks = () => {
         itemType: share.itemType,
         itemInfo: share.itemInfo,
         accessUrls: {
-          download: `/api/v1/files/${share.itemInfo.id}/download`,
-          preview: `/api/v1/files/${share.itemInfo.id}/preview`,
+          download: share.settings.allowDownload ? `/api/v1/files/${share.itemInfo.id}/download` : '',
+          preview: share.settings.allowPreview ? `/api/v1/files/${share.itemInfo.id}/preview` : '',
         },
       },
     };
   });
 
+  Mock.mock(/\/api\/v1\/shares\/([^/]+)\/settings$/, 'patch', (options) => {
+    const shareLink = (options.url.match(/\/api\/v1\/shares\/([^/]+)\/settings/) || [])[1];
+    const payload = JSON.parse(options.body || '{}') as Partial<{
+      passwordProtected: boolean;
+      expireAt: string | null;
+      allowDownload: boolean;
+      allowPreview: boolean;
+    }>;
+    const share = mockShares.find((item) => item.shareLink === shareLink || item.shareId === shareLink);
+
+    if (!share) {
+      return {
+        success: false,
+        code: 404,
+        message: 'Share not found',
+        data: null,
+      };
+    }
+
+    share.settings = {
+      passwordProtected: payload.passwordProtected ?? share.settings.passwordProtected,
+      expireAt: payload.expireAt === undefined ? share.settings.expireAt : payload.expireAt,
+      allowDownload: payload.allowDownload ?? share.settings.allowDownload,
+      allowPreview: payload.allowPreview ?? share.settings.allowPreview,
+    };
+
+    addLog('share_settings_update', {
+      shareId: share.shareId,
+      allowDownload: share.settings.allowDownload ? 1 : 0,
+      allowPreview: share.settings.allowPreview ? 1 : 0,
+    });
+
+    return {
+      success: true,
+      code: 200,
+      data: share,
+    };
+  });
+
   Mock.mock(/\/api\/v1\/shares\/([^/]+)$/, 'delete', (options) => {
     const shareLink = (options.url.match(/\/api\/v1\/shares\/([^/?]+)/) || [])[1];
     const index = mockShares.findIndex((item) => item.shareLink === shareLink || item.shareId === shareLink);
diff --git a/web/src/mock/handlers/storage.ts b/web/src/mock/handlers/storage.ts
index b8b9317..b606ac7 100644
--- a/web/src/mock/handlers/storage.ts
+++ b/web/src/mock/handlers/storage.ts
@@ -1,5 +1,5 @@
 import Mock from 'mockjs';
-import { mockUsers } from '../state';
+import { addLog, getCurrentUser, mockUsers } from '../state';
 import { vfsApi } from '../vfs';
 
 function computeStorageStats() {
@@ -8,7 +8,8 @@ function computeStorageStats() {
   const folders = nodes.filter((node) => node.type === 'folder' && node.id !== 'root');
 
   const storageUsed = files.reduce((sum, node) => sum + (node.size || 0), 0);
-  const storageLimit = mockUsers[0]?.storageLimit || 100 * 1024 * 1024 * 1024;
+  const currentUser = getCurrentUser();
+  const storageLimit = currentUser.storageLimit || 100 * 1024 * 1024 * 1024;
 
   const bucket = {
     documents: { size: 0, count: 0 },
@@ -124,4 +125,43 @@ export const setupStorageMocks = () => {
       },
     };
   });
+
+  Mock.mock(/\/api\/v1\/admin\/storage\/users\/([^/]+)\/quota$/, 'patch', (options) => {
+    const userId = (options.url.match(/\/api\/v1\/admin\/storage\/users\/([^/]+)\/quota/) || [])[1];
+    const { storageLimit } = JSON.parse(options.body || '{}');
+
+    if (!Number.isFinite(storageLimit) || Number(storageLimit) <= 0) {
+      return {
+        success: false,
+        code: 400,
+        message: 'storageLimit must be a positive number',
+        data: null,
+      };
+    }
+
+    const target = mockUsers.find((user) => user.userId === userId);
+    if (!target) {
+      return {
+        success: false,
+        code: 404,
+        message: 'User not found',
+        data: null,
+      };
+    }
+
+    target.storageLimit = Number(storageLimit);
+    addLog('admin_storage_quota_update', { userId: target.userId, storageLimit: target.storageLimit });
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        userId: target.userId,
+        storageLimit: target.storageLimit,
+        storageUsed: target.storageUsed,
+        usagePercentage: Number(((target.storageUsed / target.storageLimit) * 100).toFixed(2)),
+        updatedAt: new Date().toISOString(),
+      },
+    };
+  });
 };
diff --git a/web/src/mock/handlers/system.ts b/web/src/mock/handlers/system.ts
new file mode 100644
index 0000000..eb473fc
--- /dev/null
+++ b/web/src/mock/handlers/system.ts
@@ -0,0 +1,58 @@
+import Mock from 'mockjs';
+
+export const setupSystemMocks = () => {
+  Mock.mock(/\/api\/v1\/admin\/system\/health$/, 'get', () => {
+    return {
+      success: true,
+      code: 200,
+      data: {
+        platformTargets: ['web', 'electron'],
+        maxConcurrentUploads: 8,
+        activeUploadSessions: Mock.Random.integer(1, 4),
+        virusScanEnabled: true,
+        thumbnailGenerationEnabled: true,
+        registrationMailEnabled: true,
+        hashComputationEnabled: true,
+        lastUpdatedAt: new Date().toISOString(),
+      },
+    };
+  });
+
+  Mock.mock(/\/api\/v1\/admin\/system\/rate-limit$/, 'get', () => {
+    const rules = [
+      {
+        ruleId: 'auth-login-ip',
+        scope: 'auth:login:ip',
+        windowSeconds: 60,
+        limit: 20,
+        currentUsage: Mock.Random.integer(3, 16),
+        blockedRequests: Mock.Random.integer(0, 2),
+      },
+      {
+        ruleId: 'upload-user',
+        scope: 'upload:user',
+        windowSeconds: 60,
+        limit: 120,
+        currentUsage: Mock.Random.integer(20, 90),
+        blockedRequests: Mock.Random.integer(0, 5),
+      },
+      {
+        ruleId: 'share-access-ip',
+        scope: 'share:access:ip',
+        windowSeconds: 60,
+        limit: 60,
+        currentUsage: Mock.Random.integer(8, 35),
+        blockedRequests: Mock.Random.integer(0, 3),
+      },
+    ];
+
+    return {
+      success: true,
+      code: 200,
+      data: {
+        rules,
+        evaluatedAt: new Date().toISOString(),
+      },
+    };
+  });
+};
diff --git a/web/src/mock/handlers/user.ts b/web/src/mock/handlers/user.ts
index 9ce7650..0801a1e 100644
--- a/web/src/mock/handlers/user.ts
+++ b/web/src/mock/handlers/user.ts
@@ -1,5 +1,5 @@
 import Mock from 'mockjs';
-import { addLog, addNotification, mockLogs, mockUsers, paginate } from '../state';
+import { addLog, addNotification, getCurrentUser, mockLogs, mockUsers, paginate } from '../state';
 
 const profileGroups = [
   {
@@ -36,7 +36,16 @@ export const setupUserMocks = () => {
     const filtered = mockUsers.filter((user) => {
       if (!search) return true;
       return user.username.toLowerCase().includes(search) || user.email.toLowerCase().includes(search);
-    });
+    }).map((user) => ({
+      userId: user.userId,
+      username: user.username,
+      email: user.email,
+      storageLimit: user.storageLimit,
+      storageUsed: user.storageUsed,
+      createdAt: user.createdAt,
+      role: user.role,
+      status: user.status,
+    }));
 
     return {
       success: true,
@@ -51,7 +60,12 @@ export const setupUserMocks = () => {
     const perPage = Number(url.searchParams.get('perPage') || 20);
 
     const users = mockUsers.map((user) => ({
-      ...user,
+      userId: user.userId,
+      username: user.username,
+      email: user.email,
+      storageLimit: user.storageLimit,
+      storageUsed: user.storageUsed,
+      createdAt: user.createdAt,
       role: user.role,
       status: user.status,
       lastActiveAt: new Date(Date.now() - Mock.Random.integer(1, 72) * 3600000).toISOString(),
@@ -146,7 +160,7 @@ export const setupUserMocks = () => {
   });
 
   Mock.mock(/\/api\/v1\/me\/profile$/, 'get', () => {
-    const user = mockUsers[0];
+    const user = getCurrentUser();
 
     return {
       success: true,
@@ -158,6 +172,8 @@ export const setupUserMocks = () => {
         storageLimit: user.storageLimit,
         storageUsed: user.storageUsed,
         createdAt: user.createdAt,
+        role: user.role,
+        status: user.status,
         updatedAt: new Date().toISOString(),
         lastLogin: new Date(Date.now() - 2 * 3600000).toISOString(),
         groups: profileGroups,
@@ -167,7 +183,7 @@ export const setupUserMocks = () => {
 
   Mock.mock(/\/api\/v1\/me\/update-profile$/, 'put', (options) => {
     const { username, email } = JSON.parse(options.body || '{}');
-    const user = mockUsers[0];
+    const user = getCurrentUser();
 
     if (username) user.username = username;
     if (email) user.email = email;
@@ -182,6 +198,8 @@ export const setupUserMocks = () => {
         storageLimit: user.storageLimit,
         storageUsed: user.storageUsed,
         createdAt: user.createdAt,
+        role: user.role,
+        status: user.status,
         updatedAt: new Date().toISOString(),
         lastLogin: new Date(Date.now() - 2 * 3600000).toISOString(),
         groups: profileGroups,
@@ -200,7 +218,7 @@ export const setupUserMocks = () => {
   });
 
   Mock.mock(/\/api\/v1\/me\/storage-stats$/, 'get', () => {
-    const user = mockUsers[0];
+    const user = getCurrentUser();
     const percentage = Number(((user.storageUsed / user.storageLimit) * 100).toFixed(2));
 
     return {
diff --git a/web/src/mock/index.ts b/web/src/mock/index.ts
index 285f078..330c28c 100644
--- a/web/src/mock/index.ts
+++ b/web/src/mock/index.ts
@@ -10,6 +10,7 @@ import { setupPermissionMocks } from './handlers/permission';
 import { setupNotificationMocks } from './handlers/notification';
 import { setupLogMocks } from './handlers/log';
 import { setupStorageMocks } from './handlers/storage';
+import { setupSystemMocks } from './handlers/system';
 
 // Setup all mock handlers
 export const setupMocks = () => {
@@ -25,6 +26,7 @@ export const setupMocks = () => {
   setupNotificationMocks();
   setupLogMocks();
   setupStorageMocks();
+  setupSystemMocks();
 };
 
 // Immediately setup mocks when this module is imported
diff --git a/web/src/mock/state.ts b/web/src/mock/state.ts
index 2d7faf1..101dc4a 100644
--- a/web/src/mock/state.ts
+++ b/web/src/mock/state.ts
@@ -8,6 +8,7 @@ import type { User } from '../types/user';
 export type MockUserRecord = User & {
   status: 'active' | 'suspended';
   role: 'user' | 'admin';
+  password: string;
 };
 
 const now = () => new Date().toISOString();
@@ -23,16 +24,28 @@ let logId = 1000;
 export const mockUsers: MockUserRecord[] = [
   {
     userId: 'user1',
-    username: 'Demo User',
-    email: 'demo@example.com',
+    username: 'admin',
+    email: 'admin@fileflash.mock',
     storageLimit: 107374182400,
     storageUsed: 21474836480,
     createdAt: '2025-01-10T09:30:00.000Z',
     status: 'active',
     role: 'admin',
+    password: 'admin123',
   },
   {
     userId: 'user2',
+    username: 'demo',
+    email: 'demo@example.com',
+    storageLimit: 53687091200,
+    storageUsed: 10737418240,
+    createdAt: '2025-02-18T10:10:00.000Z',
+    status: 'active',
+    role: 'user',
+    password: 'demo123',
+  },
+  {
+    userId: 'user3',
     username: 'Alice Chen',
     email: 'alice@example.com',
     storageLimit: 53687091200,
@@ -40,9 +53,10 @@ export const mockUsers: MockUserRecord[] = [
     createdAt: '2025-03-12T11:20:00.000Z',
     status: 'active',
     role: 'user',
+    password: 'alice123',
   },
   {
-    userId: 'user3',
+    userId: 'user4',
     username: 'Bob Wang',
     email: 'bob@example.com',
     storageLimit: 53687091200,
@@ -50,9 +64,10 @@ export const mockUsers: MockUserRecord[] = [
     createdAt: '2025-06-02T08:15:00.000Z',
     status: 'active',
     role: 'user',
+    password: 'bob123',
   },
   {
-    userId: 'user4',
+    userId: 'user5',
     username: 'Charlie Li',
     email: 'charlie@example.com',
     storageLimit: 53687091200,
@@ -60,6 +75,7 @@ export const mockUsers: MockUserRecord[] = [
     createdAt: '2025-08-01T06:05:00.000Z',
     status: 'suspended',
     role: 'user',
+    password: 'charlie123',
   },
 ];
 
@@ -267,6 +283,16 @@ export function paginate<T>(items: T[], page = 1, perPage = 20) {
   };
 }
 
+let currentUserId = mockUsers[0].userId;
+
+export function setCurrentUser(userId: string) {
+  const target = mockUsers.find((user) => user.userId === userId);
+  if (target) {
+    currentUserId = target.userId;
+  }
+}
+
 export function getCurrentUser() {
-  return mockUsers[0];
+  const target = mockUsers.find((user) => user.userId === currentUserId);
+  return target || mockUsers[0];
 }

From deec9ed3cc3f33c7c0add79ce97f44ab298194ab Mon Sep 17 00:00:00 2001
From: 0neStep <146049978+AperturePlus@users.noreply.github.com>
Date: Sat, 21 Mar 2026 16:17:12 +0800
Subject: [PATCH 8/8] feat(web-ui): add admin-aware dashboard and share
 settings controls

---
 web/src/components/common/ShareDialog.vue  | 213 ++++++++++++++++--
 web/src/components/layout/Header.vue       |  26 ++-
 web/src/components/layout/RightSidebar.vue |  58 +++--
 web/src/pages/dashboard/Dashboard.vue      | 238 ++++++++++++++++++---
 web/src/pages/files/MyFiles.vue            |   2 +-
 web/src/pages/login/Login.vue              |  60 ++++--
 web/src/router/gurad.ts                    |   5 +
 web/src/router/routes.ts                   |   2 +-
 web/src/store/user.ts                      |  37 +++-
 9 files changed, 556 insertions(+), 85 deletions(-)

diff --git a/web/src/components/common/ShareDialog.vue b/web/src/components/common/ShareDialog.vue
index 3f7884d..0fc6e03 100644
--- a/web/src/components/common/ShareDialog.vue
+++ b/web/src/components/common/ShareDialog.vue
@@ -2,10 +2,10 @@
 import { computed, ref, watch } from 'vue';
 import { useDebounceFn } from '@vueuse/core';
 import type { ContentItem } from '../../types/file';
-import type { Collaborator } from '../../types/share';
+import type { Collaborator, Share } from '../../types/share';
 import type { PermissionItem } from '../../types/permission';
 import type { User, UserGroup } from '../../types/user';
-import { createShare } from '../../api/share';
+import { createShare, getShares, updateShareSettings } from '../../api/share';
 import { getUsers } from '../../api/user';
 import { getUserGroups } from '../../api/usergroup';
 import { createPermission, deletePermission, getPermissions, updatePermission } from '../../api/permission';
@@ -25,7 +25,17 @@ const isSearching = ref(false);
 
 const publicLinkEnabled = ref(false);
 const publicLink = ref('');
+const currentShareLink = ref('');
 const isCreatingShare = ref(false);
+const isSavingSettings = ref(false);
+const settingsMessage = ref('');
+
+const shareSettings = ref({
+  passwordProtected: false,
+  expireAt: '' as string,
+  allowDownload: true,
+  allowPreview: true,
+});
 
 const currentItemPayload = computed(() => {
   if (!props.itemToShare) return null;
@@ -55,6 +65,48 @@ const fetchPermissions = async () => {
   }
 };
 
+const hydrateShareSettings = (share: Share) => {
+  shareSettings.value = {
+    passwordProtected: share.settings.passwordProtected,
+    expireAt: share.settings.expireAt ? share.settings.expireAt.slice(0, 10) : '',
+    allowDownload: share.settings.allowDownload,
+    allowPreview: share.settings.allowPreview,
+  };
+};
+
+const loadExistingShare = async () => {
+  if (!props.itemToShare) {
+    return;
+  }
+
+  try {
+    const response = await getShares({ page: 1, perPage: 100 });
+    const matched = response.items.find(
+      (item) => item.itemType === props.itemToShare?.itemType && item.itemInfo.id === props.itemToShare?.id,
+    );
+
+    if (!matched) {
+      currentShareLink.value = '';
+      publicLink.value = '';
+      publicLinkEnabled.value = false;
+      shareSettings.value = {
+        passwordProtected: false,
+        expireAt: '',
+        allowDownload: true,
+        allowPreview: true,
+      };
+      return;
+    }
+
+    currentShareLink.value = matched.shareLink;
+    publicLink.value = `${window.location.origin}/share/${matched.shareLink}`;
+    publicLinkEnabled.value = true;
+    hydrateShareSettings(matched);
+  } catch (error) {
+    console.error('Failed to load existing share', error);
+  }
+};
+
 const searchCollaborators = async (keyword: string) => {
   const query = keyword.trim();
   if (!query) {
@@ -141,13 +193,16 @@ const createPublicShare = async () => {
   if (!props.itemToShare) return;
 
   isCreatingShare.value = true;
+  settingsMessage.value = '';
   try {
     const share = await createShare({
       resourceType: props.itemToShare.itemType,
       resourceId: props.itemToShare.id,
     });
 
+    currentShareLink.value = share.shareLink;
     publicLink.value = `${window.location.origin}/share/${share.shareLink}`;
+    hydrateShareSettings(share);
   } catch (error) {
     console.error('Failed to create share link', error);
     publicLinkEnabled.value = false;
@@ -156,11 +211,40 @@ const createPublicShare = async () => {
   }
 };
 
+const saveShareSettings = async () => {
+  if (!currentShareLink.value) return;
+
+  isSavingSettings.value = true;
+  settingsMessage.value = '';
+
+  try {
+    const updated = await updateShareSettings(currentShareLink.value, {
+      passwordProtected: shareSettings.value.passwordProtected,
+      allowDownload: shareSettings.value.allowDownload,
+      allowPreview: shareSettings.value.allowPreview,
+      expireAt: shareSettings.value.expireAt ? `${shareSettings.value.expireAt}T23:59:59.000Z` : null,
+    });
+
+    hydrateShareSettings(updated);
+    settingsMessage.value = 'Share settings saved.';
+  } catch (error) {
+    console.error('Failed to save share settings', error);
+    settingsMessage.value = 'Failed to save settings.';
+  } finally {
+    isSavingSettings.value = false;
+  }
+};
+
+const clearExpireDate = () => {
+  shareSettings.value.expireAt = '';
+};
+
 const copyLink = async () => {
   if (!publicLink.value) return;
 
   try {
     await navigator.clipboard.writeText(publicLink.value);
+    settingsMessage.value = 'Link copied.';
   } catch {
     window.prompt('Copy this link', publicLink.value);
   }
@@ -173,17 +257,20 @@ watch(
 
     searchKeyword.value = '';
     searchResults.value = [];
-    publicLinkEnabled.value = false;
-    publicLink.value = '';
+    settingsMessage.value = '';
 
-    await fetchPermissions();
+    await Promise.all([fetchPermissions(), loadExistingShare()]);
   },
 );
 
 watch(publicLinkEnabled, (enabled) => {
-  if (enabled && !publicLink.value) {
+  if (enabled && !currentShareLink.value) {
     createPublicShare();
   }
+
+  if (!enabled) {
+    settingsMessage.value = 'Public link hidden in this dialog. Existing links are kept.';
+  }
 });
 </script>
 
@@ -194,9 +281,9 @@ watch(publicLinkEnabled, (enabled) => {
         <header class="modal-header">
           <div>
             <h3 class="modal-title">Share: {{ itemToShare?.name }}</h3>
-            <p class="subtitle">Manage access and generate a public link.</p>
+            <p class="subtitle">Manage collaborator permissions and public link access.</p>
           </div>
-          <button class="modal-close" @click="$emit('close')" aria-label="Close dialog">×</button>
+          <button class="modal-close" @click="$emit('close')" aria-label="Close dialog">x</button>
         </header>
 
         <div class="modal-body">
@@ -247,7 +334,7 @@ watch(publicLinkEnabled, (enabled) => {
             <div class="public-head">
               <div>
                 <h4>Public Link</h4>
-                <p>Anyone with the link can access according to permission rules.</p>
+                <p>Configure password, expiry date, and download/preview permissions.</p>
               </div>
 
               <label class="switch">
@@ -258,10 +345,42 @@ watch(publicLinkEnabled, (enabled) => {
 
             <div v-if="publicLinkEnabled" class="public-content">
               <div v-if="isCreatingShare" class="hint">Generating link...</div>
-              <div v-else class="link-row">
-                <input type="text" :value="publicLink" readonly />
-                <button @click="copyLink">Copy</button>
-              </div>
+              <template v-else>
+                <div class="link-row">
+                  <input type="text" :value="publicLink" readonly />
+                  <button @click="copyLink">Copy</button>
+                </div>
+
+                <div class="settings-grid">
+                  <label class="setting-check">
+                    <input v-model="shareSettings.passwordProtected" type="checkbox" />
+                    <span>Password protected</span>
+                  </label>
+                  <label class="setting-check">
+                    <input v-model="shareSettings.allowDownload" type="checkbox" />
+                    <span>Allow download</span>
+                  </label>
+                  <label class="setting-check">
+                    <input v-model="shareSettings.allowPreview" type="checkbox" />
+                    <span>Allow preview</span>
+                  </label>
+
+                  <div class="setting-date-row">
+                    <label for="share-expire-date">Expire date</label>
+                    <div class="date-input-wrap">
+                      <input id="share-expire-date" v-model="shareSettings.expireAt" type="date" />
+                      <button type="button" class="ghost-btn" @click="clearExpireDate">Clear</button>
+                    </div>
+                  </div>
+                </div>
+
+                <div class="settings-actions">
+                  <button class="save-btn" :disabled="isSavingSettings" @click="saveShareSettings">
+                    {{ isSavingSettings ? 'Saving...' : 'Save settings' }}
+                  </button>
+                  <span v-if="settingsMessage" class="hint">{{ settingsMessage }}</span>
+                </div>
+              </template>
             </div>
           </section>
         </div>
@@ -286,7 +405,7 @@ watch(publicLinkEnabled, (enabled) => {
 }
 
 .modal-dialog {
-  width: min(700px, calc(100vw - 24px));
+  width: min(760px, calc(100vw - 24px));
   max-height: calc(100vh - 40px);
   display: flex;
   flex-direction: column;
@@ -452,6 +571,8 @@ watch(publicLinkEnabled, (enabled) => {
 
 .public-content {
   margin-top: 10px;
+  display: grid;
+  gap: 12px;
 }
 
 .link-row {
@@ -470,7 +591,9 @@ watch(publicLinkEnabled, (enabled) => {
   font-size: 12px;
 }
 
-.link-row button {
+.link-row button,
+.save-btn,
+.ghost-btn {
   height: 36px;
   border-radius: 8px;
   border: 1px solid var(--color-border);
@@ -479,6 +602,53 @@ watch(publicLinkEnabled, (enabled) => {
   padding: 0 12px;
 }
 
+.settings-grid {
+  display: grid;
+  gap: 10px;
+}
+
+.setting-check {
+  display: inline-flex;
+  align-items: center;
+  gap: 8px;
+}
+
+.setting-date-row {
+  display: grid;
+  gap: 6px;
+}
+
+.setting-date-row label {
+  font-size: 12px;
+  color: var(--color-text-secondary);
+}
+
+.date-input-wrap {
+  display: grid;
+  grid-template-columns: minmax(120px, 220px) auto;
+  gap: 8px;
+}
+
+.date-input-wrap input {
+  height: 36px;
+  border-radius: 8px;
+  border: 1px solid var(--color-border);
+  background-color: var(--color-bg-primary);
+  padding: 0 10px;
+}
+
+.settings-actions {
+  display: flex;
+  align-items: center;
+  gap: 10px;
+}
+
+.save-btn {
+  border: none;
+  background-color: var(--color-primary);
+  color: var(--color-text-on-primary);
+}
+
 .modal-footer {
   padding: 12px 16px;
   border-top: 1px solid var(--color-divider);
@@ -545,4 +715,17 @@ watch(publicLinkEnabled, (enabled) => {
 .modal-fade-leave-to {
   opacity: 0;
 }
+
+@media (max-width: 760px) {
+  .collaborator-item {
+    grid-template-columns: 1fr;
+  }
+
+  .link-row,
+  .date-input-wrap,
+  .settings-actions {
+    grid-template-columns: 1fr;
+    display: grid;
+  }
+}
 </style>
diff --git a/web/src/components/layout/Header.vue b/web/src/components/layout/Header.vue
index b12c991..441a096 100644
--- a/web/src/components/layout/Header.vue
+++ b/web/src/components/layout/Header.vue
@@ -1,5 +1,5 @@
 <script setup lang="ts">
-import { ref } from 'vue';
+import { computed, ref } from 'vue';
 import { useRouter } from 'vue-router';
 import { useDebounceFn } from '@vueuse/core';
 import { useThemeStore } from '../../store/theme';
@@ -13,6 +13,7 @@ const themeStore = useThemeStore();
 const userStore = useUserStore();
 const router = useRouter();
 const searchQuery = ref('');
+const isAdmin = computed(() => userStore.user?.role === 'admin');
 
 defineProps<{
   leftSidebarCollapsed: boolean;
@@ -102,12 +103,15 @@ const handleSearchInput = (event: Event) => {
         <template #content>
           <div class="menu">
             <div class="menu-header">
-              <strong>{{ userStore.user?.username || 'User' }}</strong>
+              <div class="menu-user-row">
+                <strong>{{ userStore.user?.username || 'User' }}</strong>
+                <span v-if="isAdmin" class="role-tag">Admin</span>
+              </div>
               <small>{{ userStore.user?.email || 'user@example.com' }}</small>
             </div>
             <router-link class="menu-item" to="/profile">Profile</router-link>
             <router-link class="menu-item" to="/settings">Settings</router-link>
-            <router-link class="menu-item" to="/dashboard">Dashboard</router-link>
+            <router-link v-if="isAdmin" class="menu-item" to="/dashboard">Dashboard</router-link>
             <button class="menu-item danger" @click="handleLogout">Log out</button>
           </div>
         </template>
@@ -282,6 +286,22 @@ const handleSearchInput = (event: Event) => {
   flex-direction: column;
 }
 
+.menu-user-row {
+  display: flex;
+  align-items: center;
+  justify-content: space-between;
+  gap: 8px;
+}
+
+.role-tag {
+  font-size: 11px;
+  padding: 2px 8px;
+  border-radius: 999px;
+  border: 1px solid rgba(var(--color-primary-rgb), 0.28);
+  color: var(--color-primary-dark);
+  background-color: rgba(var(--color-primary-rgb), 0.12);
+}
+
 .menu-header strong {
   font-size: 13px;
 }
diff --git a/web/src/components/layout/RightSidebar.vue b/web/src/components/layout/RightSidebar.vue
index 4c4df0c..6548b2f 100644
--- a/web/src/components/layout/RightSidebar.vue
+++ b/web/src/components/layout/RightSidebar.vue
@@ -1,24 +1,23 @@
 <script setup lang="ts">
 import { computed, onUnmounted, ref, watch } from 'vue';
-import { storeToRefs } from 'pinia';
-import { previewFile } from '../../api/file';
+import { downloadFile, previewFile } from '../../api/file';
 import { useFileStore } from '../../store/file';
 
 defineProps<{ visible: boolean }>();
 
 const fileStore = useFileStore();
-const { selectedFile } = storeToRefs(fileStore);
 
 const isLoading = ref(false);
 const error = ref('');
 const textContent = ref('');
 const objectUrl = ref('');
 
-const selectedMime = computed(() => {
-  if (!selectedFile.value || selectedFile.value.itemType !== 'file') return '';
-  return selectedFile.value.mimeType || '';
+const selectedFile = computed(() => {
+  if (!fileStore.selectedFile || fileStore.selectedFile.itemType !== 'file') return null;
+  return fileStore.selectedFile;
 });
 
+const selectedMime = computed(() => selectedFile.value?.mimeType || '');
 const isText = computed(() => selectedMime.value.startsWith('text/') || selectedMime.value.includes('json'));
 const isPdf = computed(() => selectedMime.value === 'application/pdf');
 const isImage = computed(() => selectedMime.value.startsWith('image/'));
@@ -45,7 +44,7 @@ const resetState = () => {
 const loadPreview = async () => {
   resetState();
 
-  if (!selectedFile.value || selectedFile.value.itemType !== 'file') {
+  if (!selectedFile.value) {
     return;
   }
 
@@ -64,6 +63,24 @@ const loadPreview = async () => {
   }
 };
 
+const downloadSelectedFile = async () => {
+  if (!selectedFile.value) return;
+
+  try {
+    const blob = await downloadFile(selectedFile.value.id);
+    const object = URL.createObjectURL(blob);
+    const anchor = document.createElement('a');
+    anchor.href = object;
+    anchor.download = selectedFile.value.name;
+    document.body.appendChild(anchor);
+    anchor.click();
+    anchor.remove();
+    URL.revokeObjectURL(object);
+  } catch {
+    error.value = 'Unable to download this file.';
+  }
+};
+
 watch(selectedFile, () => {
   loadPreview();
 }, { immediate: true });
@@ -79,15 +96,20 @@ const closeSidebar = () => {
 
 <template>
   <aside :class="['right-sidebar', { visible }]">
-    <template v-if="selectedFile && selectedFile.itemType === 'file'">
+    <template v-if="selectedFile">
       <header class="sidebar-header">
         <div>
           <h3 class="filename" :title="selectedFile.name">{{ selectedFile.name }}</h3>
-          <p class="meta">{{ selectedMime || 'unknown type' }} · {{ formatBytes(selectedFile.size) }}</p>
+          <p class="meta">{{ selectedMime || 'unknown type' }} | {{ formatBytes(selectedFile.size) }}</p>
         </div>
-        <button class="close-btn" @click="closeSidebar" aria-label="Close preview panel">×</button>
+        <button class="close-btn" @click="closeSidebar" aria-label="Close preview panel">x</button>
       </header>
 
+      <div class="sidebar-actions">
+        <button class="action-btn" @click="downloadSelectedFile">Download</button>
+        <button class="action-btn" @click="loadPreview">Reload Preview</button>
+      </div>
+
       <div class="sidebar-content">
         <div v-if="isLoading" class="state">Loading preview...</div>
         <div v-else-if="error" class="state error">{{ error }}</div>
@@ -158,13 +180,25 @@ const closeSidebar = () => {
   font-size: 12px;
 }
 
-.close-btn {
-  width: 32px;
+.close-btn,
+.action-btn {
   height: 32px;
   border-radius: 8px;
   border: 1px solid var(--color-border);
   background-color: var(--color-bg-primary);
   cursor: pointer;
+  padding: 0 10px;
+}
+
+.close-btn {
+  width: 32px;
+  padding: 0;
+}
+
+.sidebar-actions {
+  display: flex;
+  gap: 8px;
+  padding: 10px var(--spacing-md) 0;
 }
 
 .sidebar-content {
diff --git a/web/src/pages/dashboard/Dashboard.vue b/web/src/pages/dashboard/Dashboard.vue
index 68447a9..1131526 100644
--- a/web/src/pages/dashboard/Dashboard.vue
+++ b/web/src/pages/dashboard/Dashboard.vue
@@ -1,27 +1,38 @@
 <script setup lang="ts">
-import { onMounted, ref } from 'vue';
+import { computed, onMounted, ref } from 'vue';
 import { deleteShare, getShares } from '../../api/share';
 import { getLogs } from '../../api/log';
 import { broadcastNotification, getNotifications } from '../../api/notification';
-import { getStorageSummary, getUsageTrend } from '../../api/storage';
+import { getStorageSummary, getStorageUsers, getUsageTrend, updateStorageQuota } from '../../api/storage';
 import { getAdminUsers, getViolations, resolveViolation, updateUserStatus } from '../../api/user';
+import { getAdminFiles, rescanAdminFile } from '../../api/file';
+import { getRateLimitStatus, getSystemHealth } from '../../api/system';
 import type { StorageStats } from '../../types/user';
 import type { Share } from '../../types/share';
 import type { LogItem } from '../../types/log';
 import type { NotificationItem } from '../../types/notification';
+import type { AdminFileAuditItem } from '../../types/file';
+import type { SystemHealth, RateLimitStatus } from '../../types/system';
 
 const isLoading = ref(false);
+const noticeText = ref('');
+const auditSearch = ref('');
+const auditStatus = ref<'all' | 'clean' | 'pending' | 'flagged'>('all');
 
 const storageSummary = ref<StorageStats | null>(null);
 const usageTrend = ref<Array<{ date: string; used: number }>>([]);
-
 const adminUsers = ref<any[]>([]);
+const storageUsers = ref<any[]>([]);
 const logs = ref<LogItem[]>([]);
 const shares = ref<Share[]>([]);
 const violations = ref<any[]>([]);
 const notifications = ref<NotificationItem[]>([]);
+const auditFiles = ref<AdminFileAuditItem[]>([]);
+const systemHealth = ref<SystemHealth | null>(null);
+const rateLimitStatus = ref<RateLimitStatus | null>(null);
 
-const noticeText = ref('');
+const pendingViolationCount = computed(() => violations.value.length);
+const flaggedFileCount = computed(() => auditFiles.value.filter((file) => file.virusStatus === 'flagged').length);
 
 const formatBytes = (bytes: number) => {
   if (!bytes) return '0 B';
@@ -30,27 +41,60 @@ const formatBytes = (bytes: number) => {
   return `${(bytes / Math.pow(1024, i)).toFixed(i === 0 ? 0 : 1)} ${units[i]}`;
 };
 
+const formatPercent = (value: number) => `${Number.isFinite(value) ? value.toFixed(1) : '0.0'}%`;
+
+const loadAuditFiles = async () => {
+  const response = await getAdminFiles({
+    page: 1,
+    perPage: 8,
+    search: auditSearch.value.trim() || undefined,
+    virusStatus: auditStatus.value === 'all' ? undefined : auditStatus.value,
+    sort: 'updatedAt',
+    order: 'desc',
+  });
+  auditFiles.value = response.items;
+};
+
 const loadDashboardData = async () => {
   isLoading.value = true;
 
   try {
-    const [summary, trend, users, logRes, shareRes, violationRes, notificationRes] = await Promise.all([
+    const [
+      summary,
+      trend,
+      users,
+      storageUsersRes,
+      logRes,
+      shareRes,
+      violationRes,
+      notificationRes,
+      health,
+      rateLimit,
+    ] = await Promise.all([
       getStorageSummary(),
       getUsageTrend({ days: 7 }),
       getAdminUsers({ page: 1, perPage: 8 }),
+      getStorageUsers(),
       getLogs({ page: 1, perPage: 8 }),
       getShares({ page: 1, perPage: 8 }),
       getViolations(),
       getNotifications({ page: 1, perPage: 8 }),
+      getSystemHealth(),
+      getRateLimitStatus(),
     ]);
 
     storageSummary.value = summary;
     usageTrend.value = trend.trends;
     adminUsers.value = users.items;
+    storageUsers.value = storageUsersRes.items;
     logs.value = logRes.logs;
     shares.value = shareRes.items;
     violations.value = violationRes.items;
     notifications.value = notificationRes.items;
+    systemHealth.value = health;
+    rateLimitStatus.value = rateLimit;
+
+    await loadAuditFiles();
   } finally {
     isLoading.value = false;
   }
@@ -61,6 +105,19 @@ const handleUpdateUserStatus = async (user: any, status: 'active' | 'suspended')
   user.status = status;
 };
 
+const handleAdjustQuota = async (user: any) => {
+  const currentGb = (user.storageLimit / 1024 / 1024 / 1024).toFixed(1);
+  const next = window.prompt(`Set quota for ${user.username} (GB)`, currentGb);
+  if (!next) return;
+
+  const parsed = Number(next);
+  if (!Number.isFinite(parsed) || parsed <= 0) return;
+
+  const result = await updateStorageQuota(user.userId, Math.round(parsed * 1024 * 1024 * 1024));
+  user.storageLimit = result.storageLimit;
+  user.usagePercentage = result.usagePercentage;
+};
+
 const handleResolveViolation = async (violationId: string) => {
   await resolveViolation(violationId);
   violations.value = violations.value.filter((item) => item.id !== violationId);
@@ -71,6 +128,14 @@ const handleDeleteShare = async (share: Share) => {
   shares.value = shares.value.filter((item) => item.shareId !== share.shareId);
 };
 
+const handleRescanFile = async (fileId: string) => {
+  const result = await rescanAdminFile(fileId);
+  const target = auditFiles.value.find((item) => item.id === fileId);
+  if (target) {
+    target.virusStatus = result.virusStatus;
+  }
+};
+
 const sendNotice = async () => {
   if (!noticeText.value.trim()) return;
   await broadcastNotification(noticeText.value.trim());
@@ -86,31 +151,39 @@ onMounted(loadDashboardData);
   <section class="dashboard-page">
     <header class="page-header">
       <div>
-        <h1>Admin Dashboard</h1>
-        <p>Monitor storage, users, shares, logs, violations and notices in one place.</p>
+        <h1>Admin Operations Console</h1>
+        <p>Centralized view of users, storage, logs, sharing, and security controls.</p>
       </div>
       <button class="refresh-btn" @click="loadDashboardData" :disabled="isLoading">
-        {{ isLoading ? 'Refreshing...' : 'Refresh' }}
+        {{ isLoading ? 'Refreshing...' : 'Refresh Data' }}
       </button>
     </header>
 
-    <div class="metrics" v-if="storageSummary">
+    <div class="metrics" v-if="storageSummary && systemHealth">
       <article class="metric-card">
-        <h3>Total Storage</h3>
+        <h3>Storage Used</h3>
         <strong>{{ formatBytes(storageSummary.storageUsed) }}</strong>
         <small>/ {{ formatBytes(storageSummary.storageLimit) }}</small>
       </article>
       <article class="metric-card">
-        <h3>Files</h3>
+        <h3>Usage Ratio</h3>
+        <strong>{{ Math.round(storageSummary.storagePercentage) }}%</strong>
+      </article>
+      <article class="metric-card">
+        <h3>Total Files</h3>
         <strong>{{ storageSummary.fileCount }}</strong>
       </article>
       <article class="metric-card">
-        <h3>Folders</h3>
-        <strong>{{ storageSummary.folderCount }}</strong>
+        <h3>Pending Violations</h3>
+        <strong>{{ pendingViolationCount }}</strong>
       </article>
       <article class="metric-card">
-        <h3>Usage</h3>
-        <strong>{{ Math.round(storageSummary.storagePercentage) }}%</strong>
+        <h3>Flagged Files</h3>
+        <strong>{{ flaggedFileCount }}</strong>
+      </article>
+      <article class="metric-card">
+        <h3>Active Upload Sessions</h3>
+        <strong>{{ systemHealth.activeUploadSessions }}</strong>
       </article>
     </div>
 
@@ -118,13 +191,41 @@ onMounted(loadDashboardData);
       <h3>7-Day Storage Trend</h3>
       <div class="trend-bars">
         <div v-for="point in usageTrend" :key="point.date" class="bar-item">
-          <div class="bar-track"><div class="bar-fill" :style="{ height: `${Math.max(6, (point.used / (usageTrend[usageTrend.length - 1].used || 1)) * 100)}%` }" /></div>
+          <div class="bar-track"><div class="bar-fill" :style="{ height: `${Math.max(8, (point.used / (usageTrend[usageTrend.length - 1].used || 1)) * 100)}%` }" /></div>
           <small>{{ point.date.slice(5) }}</small>
         </div>
       </div>
     </div>
 
     <div class="grid">
+      <article class="card span-2">
+        <div class="card-head">
+          <h3>File Audit</h3>
+          <div class="audit-filters">
+            <input v-model="auditSearch" type="text" placeholder="Search file name" @change="loadAuditFiles" />
+            <select v-model="auditStatus" @change="loadAuditFiles">
+              <option value="all">All status</option>
+              <option value="clean">Clean</option>
+              <option value="pending">Pending</option>
+              <option value="flagged">Flagged</option>
+            </select>
+          </div>
+        </div>
+
+        <div class="table-list">
+          <div v-for="file in auditFiles" :key="file.id" class="table-row">
+            <div>
+              <strong>{{ file.name }}</strong>
+              <small>{{ file.mimeType }} | {{ formatBytes(file.size) }} | {{ file.hash }}</small>
+            </div>
+            <div class="row-actions">
+              <span class="badge" :class="file.virusStatus">{{ file.virusStatus }}</span>
+              <button class="status-btn" @click="handleRescanFile(file.id)">Rescan</button>
+            </div>
+          </div>
+        </div>
+      </article>
+
       <article class="card">
         <h3>User Management</h3>
         <div class="table-list">
@@ -145,14 +246,27 @@ onMounted(loadDashboardData);
       </article>
 
       <article class="card">
-        <h3>Recent Logs</h3>
+        <h3>Storage Quota</h3>
         <div class="table-list">
-          <div v-for="log in logs" :key="log.id" class="table-row">
+          <div v-for="user in storageUsers.slice(0, 8)" :key="user.userId" class="table-row">
             <div>
-              <strong>{{ log.operationName }}</strong>
-              <small>{{ new Date(log.performedAt).toLocaleString() }}</small>
+              <strong>{{ user.username }}</strong>
+              <small>{{ formatBytes(user.storageUsed) }} / {{ formatBytes(user.storageLimit) }} ({{ formatPercent(user.usagePercentage) }})</small>
             </div>
-            <span class="muted">{{ log.ipAddress }}</span>
+            <button class="status-btn" @click="handleAdjustQuota(user)">Adjust</button>
+          </div>
+        </div>
+      </article>
+
+      <article class="card">
+        <h3>Violation Queue</h3>
+        <div class="table-list">
+          <div v-for="item in violations" :key="item.id" class="table-row">
+            <div>
+              <strong>{{ item.fileName }}</strong>
+              <small>{{ item.type }} | {{ item.level }}</small>
+            </div>
+            <button class="status-btn" @click="handleResolveViolation(item.id)">Resolve</button>
           </div>
         </div>
       </article>
@@ -163,7 +277,7 @@ onMounted(loadDashboardData);
           <div v-for="share in shares" :key="share.shareId" class="table-row">
             <div>
               <strong>{{ share.itemInfo.name }}</strong>
-              <small>{{ share.shareLink }}</small>
+              <small>{{ share.shareLink }} | {{ share.visitCount || 0 }} views</small>
             </div>
             <button class="danger-btn" @click="handleDeleteShare(share)">Delete</button>
           </div>
@@ -171,14 +285,27 @@ onMounted(loadDashboardData);
       </article>
 
       <article class="card">
-        <h3>Violation Queue</h3>
+        <h3>Recent Logs</h3>
         <div class="table-list">
-          <div v-for="item in violations" :key="item.id" class="table-row">
+          <div v-for="log in logs" :key="log.id" class="table-row">
             <div>
-              <strong>{{ item.fileName }}</strong>
-              <small>{{ item.type }} · {{ item.level }}</small>
+              <strong>{{ log.operationName }}</strong>
+              <small>{{ new Date(log.performedAt).toLocaleString() }}</small>
             </div>
-            <button class="status-btn" @click="handleResolveViolation(item.id)">Resolve</button>
+            <span class="muted">{{ log.ipAddress }}</span>
+          </div>
+        </div>
+      </article>
+
+      <article class="card">
+        <h3>Rate Limit Status</h3>
+        <div class="table-list" v-if="rateLimitStatus">
+          <div v-for="rule in rateLimitStatus.rules" :key="rule.ruleId" class="table-row">
+            <div>
+              <strong>{{ rule.scope }}</strong>
+              <small>{{ rule.currentUsage }} / {{ rule.limit }} per {{ rule.windowSeconds }}s</small>
+            </div>
+            <span class="muted">blocked: {{ rule.blockedRequests }}</span>
           </div>
         </div>
       </article>
@@ -332,6 +459,29 @@ onMounted(loadDashboardData);
   margin: 0 0 10px;
 }
 
+.card-head {
+  display: flex;
+  justify-content: space-between;
+  align-items: center;
+  gap: 12px;
+  margin-bottom: 10px;
+}
+
+.audit-filters {
+  display: flex;
+  align-items: center;
+  gap: 8px;
+}
+
+.audit-filters input,
+.audit-filters select {
+  height: 34px;
+  border-radius: 8px;
+  border: 1px solid var(--color-border);
+  background-color: var(--color-bg-primary);
+  padding: 0 10px;
+}
+
 .span-2 {
   grid-column: span 2;
 }
@@ -373,6 +523,12 @@ onMounted(loadDashboardData);
   color: var(--color-text-tertiary);
 }
 
+.row-actions {
+  display: flex;
+  align-items: center;
+  gap: 8px;
+}
+
 .notice-form {
   display: flex;
   gap: 10px;
@@ -393,11 +549,35 @@ onMounted(loadDashboardData);
   font-size: 12px;
   padding: 3px 8px;
   border-radius: 999px;
-  background-color: #fde68a;
+  border: 1px solid transparent;
+  text-transform: capitalize;
 }
 
-.badge.read {
+.badge.read,
+.badge.clean {
   background-color: #bbf7d0;
+  border-color: #86efac;
+  color: #166534;
+}
+
+.badge.pending {
+  background-color: #fde68a;
+  border-color: #fcd34d;
+  color: #92400e;
+}
+
+.badge.flagged,
+.badge.unread {
+  background-color: #fecaca;
+  border-color: #fca5a5;
+  color: #991b1b;
+}
+
+@media (max-width: 1160px) {
+  .card-head {
+    flex-direction: column;
+    align-items: flex-start;
+  }
 }
 
 @media (max-width: 980px) {
diff --git a/web/src/pages/files/MyFiles.vue b/web/src/pages/files/MyFiles.vue
index 3cb77ef..021c110 100644
--- a/web/src/pages/files/MyFiles.vue
+++ b/web/src/pages/files/MyFiles.vue
@@ -294,7 +294,7 @@ onUnmounted(() => {
             />
             <span v-else>{{ item.name }}</span>
 
-            <button class="star-btn" :class="{ active: item.isStarred }" @click.stop="handleToggleStar(item)">`r`n              Star`r`n            </button>
+            <button class="star-btn" :class="{ active: item.isStarred }" @click.stop="handleToggleStar(item)">Star</button>
           </div>
 
           <div class="col size">{{ item.itemType === 'file' ? `${(item.size / 1024).toFixed(1)} KB` : '--' }}</div>
diff --git a/web/src/pages/login/Login.vue b/web/src/pages/login/Login.vue
index fc5e223..28dcbd3 100644
--- a/web/src/pages/login/Login.vue
+++ b/web/src/pages/login/Login.vue
@@ -2,14 +2,13 @@
 import { ref } from 'vue';
 import { useRouter } from 'vue-router';
 import { useUserStore } from '../../store/user';
-import { login } from '../../api/user';
 import AuthLayout from '../../components/layout/AuthLayout.vue';
 
 const router = useRouter();
 const userStore = useUserStore();
 
 const username = ref('admin');
-const password = ref('password');
+const password = ref('admin123');
 const rememberMe = ref(false);
 const isLoading = ref(false);
 const errorMessage = ref('');
@@ -22,14 +21,11 @@ const handleLogin = async () => {
   errorMessage.value = '';
 
   try {
-    const response = await login({
+    await userStore.login({
       username: username.value,
       password: password.value,
     });
 
-    userStore.setToken(response.token, response.refreshToken);
-    userStore.user = response.user;
-
     if (rememberMe.value) {
       localStorage.setItem('rememberMe', 'true');
       localStorage.setItem('savedUsername', username.value);
@@ -40,7 +36,7 @@ const handleLogin = async () => {
 
     router.push('/files');
   } catch (error) {
-    errorMessage.value = error instanceof Error ? error.message : '登录失败，请检查账号信息。';
+    errorMessage.value = error instanceof Error ? error.message : 'Login failed. Please check your credentials.';
   } finally {
     isLoading.value = false;
   }
@@ -63,22 +59,28 @@ loadSavedCredentials();
   <AuthLayout>
     <div class="auth-card">
       <header class="auth-header">
-        <h1>欢迎登录 FileFlash</h1>
-        <p>高效管理你的云端文件与共享协作</p>
+        <h1>Sign in to FileFlash</h1>
+        <p>Manage cloud files, team sharing, recycle restore, and admin operations.</p>
+
+        <div class="test-account">
+          <strong>Mock Test Accounts</strong>
+          <small>admin / admin123 (administrator)</small>
+          <small>demo / demo123 (regular user)</small>
+        </div>
       </header>
 
       <form class="auth-form" @submit.prevent="handleLogin">
         <label class="field">
-          <span>用户名 / 邮箱</span>
-          <input v-model="username" type="text" placeholder="请输入用户名或邮箱" required />
+          <span>Username or Email</span>
+          <input v-model="username" type="text" placeholder="Enter username or email" required />
         </label>
 
         <label class="field">
-          <span>密码</span>
+          <span>Password</span>
           <div class="password-wrap">
-            <input v-model="password" :type="showPassword ? 'text' : 'password'" placeholder="请输入密码" required />
+            <input v-model="password" :type="showPassword ? 'text' : 'password'" placeholder="Enter password" required />
             <button type="button" class="password-toggle" @click="showPassword = !showPassword">
-              {{ showPassword ? '隐藏' : '显示' }}
+              {{ showPassword ? 'Hide' : 'Show' }}
             </button>
           </div>
         </label>
@@ -86,21 +88,21 @@ loadSavedCredentials();
         <div class="extra-row">
           <label class="remember">
             <input v-model="rememberMe" type="checkbox" />
-            <span>记住我</span>
+            <span>Remember me</span>
           </label>
-          <router-link to="/forgot-password">忘记密码</router-link>
+          <router-link to="/forgot-password">Forgot password</router-link>
         </div>
 
         <p v-if="errorMessage" class="error-message">{{ errorMessage }}</p>
 
         <button class="submit-btn" type="submit" :disabled="isLoading">
-          {{ isLoading ? '登录中...' : '登录' }}
+          {{ isLoading ? 'Signing in...' : 'Sign in' }}
         </button>
       </form>
 
       <footer class="auth-footer">
-        <span>还没有账号？</span>
-        <router-link to="/register">立即注册</router-link>
+        <span>Need an account?</span>
+        <router-link to="/register">Create one</router-link>
       </footer>
     </div>
   </AuthLayout>
@@ -131,6 +133,26 @@ loadSavedCredentials();
   color: #52667f;
 }
 
+.test-account {
+  margin-top: 12px;
+  padding: 10px 12px;
+  border-radius: 10px;
+  border: 1px solid rgba(var(--color-primary-rgb), 0.22);
+  background-color: rgba(var(--color-primary-rgb), 0.09);
+  display: flex;
+  flex-direction: column;
+  gap: 2px;
+}
+
+.test-account strong {
+  font-size: 12px;
+}
+
+.test-account small {
+  font-size: 12px;
+  color: #415978;
+}
+
 .auth-form {
   display: flex;
   flex-direction: column;
diff --git a/web/src/router/gurad.ts b/web/src/router/gurad.ts
index cf2f769..f561667 100644
--- a/web/src/router/gurad.ts
+++ b/web/src/router/gurad.ts
@@ -3,11 +3,14 @@ import { useUserStore } from '../store/user';
 
 const LOGIN_ROUTE_NAME = 'Login';
 const HOME_ROUTE_NAME = 'Home';
+const FILES_ROUTE_PATH = '/files';
 
 export function createRouterGuard(router: Router) {
   router.beforeEach((to, _from, next) => {
     const userStore = useUserStore();
     const isLoggedIn = !!userStore.token;
+    const requiresAdmin = Boolean(to.meta.requiresAdmin);
+    const hasAdminAccess = userStore.user?.role === 'admin';
 
     if (to.meta.requiresAuth && !isLoggedIn) {
       // This route requires auth, check if logged in
@@ -19,6 +22,8 @@ export function createRouterGuard(router: Router) {
     } else if (to.name === LOGIN_ROUTE_NAME && isLoggedIn) {
       // If logged in, redirect to home page from login page
       next({ name: HOME_ROUTE_NAME });
+    } else if (requiresAdmin && !hasAdminAccess) {
+      next({ path: FILES_ROUTE_PATH });
     } else {
       // Make sure to always call next()!
       next();
diff --git a/web/src/router/routes.ts b/web/src/router/routes.ts
index d5d8548..bdc43b9 100644
--- a/web/src/router/routes.ts
+++ b/web/src/router/routes.ts
@@ -59,7 +59,7 @@ export const routes: Array<RouteRecordRaw> = [
         path: 'dashboard',
         name: 'Dashboard',
         component: () => import('../pages/dashboard/index.ts'),
-        meta: { navId: 'dashboard' }
+        meta: { navId: 'dashboard', requiresAdmin: true }
       }
     ],
   },
diff --git a/web/src/store/user.ts b/web/src/store/user.ts
index 9b0448e..efbaa2d 100644
--- a/web/src/store/user.ts
+++ b/web/src/store/user.ts
@@ -3,14 +3,39 @@ import { ref, computed } from 'vue';
 import { login as apiLogin, getProfile, getStorageStats, refreshToken as apiRefreshToken } from '../api/user';
 import type { LoginRequest, User, UserProfile, StorageStats } from '../types/user';
 
+const STORED_USER_KEY = 'authUser';
+
+function loadStoredUser(): UserProfile | User | null {
+  const raw = localStorage.getItem(STORED_USER_KEY);
+  if (!raw) {
+    return null;
+  }
+
+  try {
+    return JSON.parse(raw) as UserProfile | User;
+  } catch {
+    localStorage.removeItem(STORED_USER_KEY);
+    return null;
+  }
+}
 
 export const useUserStore = defineStore('user', () => {
   const token = ref<string | null>(localStorage.getItem('authToken'));
   const refreshToken = ref<string | null>(localStorage.getItem('refreshToken'));
-  const user = ref<UserProfile | User | null>(null);
+  const user = ref<UserProfile | User | null>(loadStoredUser());
   const storageStats = ref<StorageStats | null>(null);
 
   const isAuthenticated = computed(() => !!token.value);
+  const isAdmin = computed(() => user.value?.role === 'admin');
+
+  function setUser(nextUser: UserProfile | User | null) {
+    user.value = nextUser;
+    if (nextUser) {
+      localStorage.setItem(STORED_USER_KEY, JSON.stringify(nextUser));
+    } else {
+      localStorage.removeItem(STORED_USER_KEY);
+    }
+  }
 
   /**
    * Set the token
@@ -44,7 +69,7 @@ export const useUserStore = defineStore('user', () => {
   async function login(credentials: LoginRequest) {
     const response = await apiLogin(credentials);
     setToken(response.token, response.refreshToken);
-    user.value = response.user as UserProfile; // Assuming login returns full profile for now
+    setUser(response.user as UserProfile);
     await fetchUserProfile();
   }
 
@@ -56,7 +81,7 @@ export const useUserStore = defineStore('user', () => {
     if (!isAuthenticated.value) return;
     try {
       const profile = await getProfile();
-      user.value = profile;
+      setUser(profile);
     } catch (error) {
       console.error('Failed to fetch user profile:', error);
       // Maybe handle token expiration
@@ -89,7 +114,7 @@ export const useUserStore = defineStore('user', () => {
     try {
       const response = await apiRefreshToken();
       setToken(response.token, response.refreshToken);
-      user.value = response.user as UserProfile;
+      setUser(response.user as UserProfile);
       return response;
     } catch (error) {
       // If refresh fails, logout the user
@@ -100,7 +125,7 @@ export const useUserStore = defineStore('user', () => {
 
   function logout() {
     setToken(null, null);
-    user.value = null;
+    setUser(null);
     storageStats.value = null;
     // In a real app, you'd probably want to redirect to the login page
     // router.push('/login');
@@ -118,7 +143,9 @@ export const useUserStore = defineStore('user', () => {
     user, 
     storageStats,
     isAuthenticated,
+    isAdmin,
     setToken, 
+    setUser,
     login,
     logout,
     refreshAccessToken,